Bootstrap – CVE-2018-14042

Home » Blog » Bootstrap – CVE-2018-14042

Description

Kayran has detected that the version of Bootstrap being used is vulnerable to Cross-site scripting (XSS).

Cross-site scripting (XSS) is possible in the data-container property of “tooltip”.
Also known as CVE-2018-14042.

This vulnerability allows attackers to modify system files and information.

Severity/Score

CVSS Version 3.x – 6.1 Medium

Recommendation

To deal with CVE-2018-14042, update the version of the Bootstrap being used.
Make sure its version is 4.1.2 or higher.

References

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14042

https://cwe.mitre.org/data/definitions/79.html

< Return to all Vulnerabilities

HTTP VS. HTTPS

You must have once wondered what HTTP means and what is the difference between that ugly word to HTTPS, and if not, then please read

Explaining API

We’ve talked about API’s Vulnerability in here, but i feel like there’s much more to talk about and explain since this is a big and

The Cloud

I’m pretty sure there isn’t a single adult in the world who hasn’t at least heard of The Cloud. Explaining “The Cloud” in 2022 may

Networking? – Social Engineering

In our time, we know that socializing has a very high importance and that every person (almost) has a basic need to maintain certain “connection”

The fundamentals of HTML

HTML is not a single word, in oppose to what many people think, HTML stands for HyperText Markup Language, and from the fact the language’s

Zeroed In – Zero-Day Attacks

If you are familiar with programming, you know that Zero ([0]) is usually the starting point of arrays, that is called Zero-based numbering, what does

WEB APPLICATION VULNERABILITY SCANNER