Bootstrap – CVE-2018-14042

Description

Kayran has detected that the version of Bootstrap being used is vulnerable to Cross-site scripting (XSS).

Cross-site scripting (XSS) is possible in the data-container property of “tooltip”.
Also known as CVE-2018-14042.

This vulnerability allows attackers to modify system files and information.

Severity/Score

CVSS Version 3.x – 6.1 Medium

Recommendation

To deal with CVE-2018-14042, update the version of the Bootstrap being used.
Make sure its version is 4.1.2 or higher.

References

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14042

https://cwe.mitre.org/data/definitions/79.html

< Return to all Vulnerabilities

HTTP VS. HTTPS

You must have once wondered what HTTP means and what is the difference between that ugly word to HTTPS, and if not, then please read

Read More »