Bootstrap – CVE-2018-14042

Description

Kayran has detected that the version of Bootstrap being used is vulnerable to Cross-site scripting (XSS).

Cross-site scripting (XSS) is possible in the data-container property of “tooltip”.
Also known as CVE-2018-14042.

This vulnerability allows attackers to modify system files and information.

Severity/Score

CVSS Version 3.x – 6.1 Medium

Recommendation

To deal with CVE-2018-14042, update the version of the Bootstrap being used.
Make sure its version is 4.1.2 or higher.

References

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14042

https://cwe.mitre.org/data/definitions/79.html

< Return to all Vulnerabilities

HTTP VS. HTTPS

You must have once wondered what HTTP means and what is the difference between that ugly word to HTTPS, and if not, then please read

Read More »

Explaining API

We’ve talked about API’s Vulnerability in here, but i feel like there’s much more to talk about and explain since this is a big and

Read More »

The Cloud

I’m pretty sure there isn’t a single adult in the world who hasn’t at least heard of The Cloud. Explaining “The Cloud” in 2022 may

Read More »