Request a Demo

Bootstrap – CVE-2018-14040

Description

Kayran has detected that the version of Bootstrap being used is vulnerable to Cross-site scripting (XSS).

Cross-site scripting (XSS) is possible through the collapse data-parent attribute. Also known as CVE-2018-14040.
This will allow the attacker to add and modify the data.

Severity/Score

CVSS Version 3.x – 6.1 Medium

Recommendation

To deal with CVE-2018-14040, update the version of the Bootstrap being used.
Make sure its version is 4.1.2 or higher.

Some claim that upgrading to version 3.4.1 would be enough. Depends on your personal choice.

References

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14040

https://cwe.mitre.org/data/definitions/79.html

< Return to all Vulnerabilities

Request a Demo

What is Kayran

Kayran scanner is helping all businesses, both SMBs and enterprises, to test their online assets and products for over 30,000+ vulnerabilities.Kayran’s mission is to make

Read More »

The Dark Web

Let’s talk about the darker and more mysterious side of the internet, also known as The Dark Web. You’ve probably heard about it, whether it’s

Read More »

HTTP VS. HTTPS

You must have once wondered what HTTP means and what is the difference between that ugly word to HTTPS, and if not, then please read

Read More »
Facebook Linkedin

WEB APPLICATION VULNERABILITY SCANNER

Links

registered user?

Log in
Facebook Linkedin