Bootstrap – CVE-2018-14041

Description

Kayran has detected that the version of Bootstrap being used is vulnerable to Cross-site scripting (XSS).

Cross-site scripting (XSS) is possible in the data-target property of scrollspy. Also known as CVE-2018-14041.
This will allow the attacker to add and modify the data.

Recommendation

To deal with CVE-2018-14041, update the version of the Bootstrap being used.
Make sure its version is 4.1.2 or higher.

References

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14041

https://cwe.mitre.org/data/definitions/79.html

< Return to all Vulnerabilities

The Cloud

I’m pretty sure there isn’t a single adult in the world who hasn’t at least heard of The Cloud. Explaining “The Cloud” in 2022 may

Read More »

Exposing the GIT

Let’s start with defining the meaning of GIT. GIT – is an open-source system which we use as a tool to store data and information

Read More »