Bootstrap Cross-site Scripting vulnerability
Moderate severity
GitHub Reviewed
Published
Sep 13, 2018
to the GitHub Advisory Database
•
Updated Jan 23, 2024
Description
Published by the National Vulnerability Database
Jul 13, 2018
Published to the GitHub Advisory Database
Sep 13, 2018
Reviewed
Jun 16, 2020
Last updated
Jan 23, 2024
In Bootstrap starting in version 2.3.0 and prior to versions 3.4.0 and 4.1.2, XSS is possible in the data-container property of tooltip. This is similar to CVE-2018-14041.
References