Bootstrap – CVE-2018-14042

Home » Blog » Bootstrap – CVE-2018-14042

Description

Kayran has detected that the version of Bootstrap being used is vulnerable to Cross-site scripting (XSS).

Cross-site scripting (XSS) is possible in the data-container property of “tooltip”.
Also known as CVE-2018-14042.

This vulnerability allows attackers to modify system files and information.

Severity/Score

CVSS Version 3.x – 6.1 Medium

Recommendation

To deal with CVE-2018-14042, update the version of the Bootstrap being used.
Make sure its version is 4.1.2 or higher.

References

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14042

https://cwe.mitre.org/data/definitions/79.html

< Return to all Vulnerabilities

The Dark Web

Let’s talk about the darker and more mysterious side of the internet, also known as The Dark Web. You’ve probably heard about it, whether it’s

Man-In-The-Middle Attacks

Do you know these people who just push themselves into conversations?That’s Man-In-The-Middle Attacks. And from a wider angle, Man-In-The-Middle Attacks, or MITM, are built around

Information Disclosure – Self revealing our Secrets

Remember those tired Devs? Well, sometimes they tend to make mistakes, as mentioned before, but imagine, writing everything important to you on a wall visible

Cyberbullying – We Need to Talk About it

Disclaimer: We in Kayran do not support or encourage any forms or acts of Cyber-bullying. We do not intend to hurt or make fun of

A security vulnerability our API hates

As you know, we’ve talked about many different and critical subjects related to application programming and knowing that it is very important to protect them,

Passwords 101

Unlike basketballs, “passwords” are things we don’t want to be passed around, especially in a society built around the idea that “mystery” is appealing. We

WEB APPLICATION VULNERABILITY SCANNER