Vulnerability Database

289,599

Total vulnerabilities in the database

CVE-2018-14042

In Bootstrap before 4.1.2, XSS is possible in the data-container property of tooltip.

CVSS v3:

  • Severity: Medium
  • Score: 6.1
  • AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

CVSS v2:

  • Severity: Low
  • Score: 4.3
  • AV:N/AC:M/Au:N/C:N/I:P/A:N

CWEs:

OWASP TOP 10:

Software From Fixed in
getbootstrap / bootstrap 4.0.0 4.1.2
getbootstrap / bootstrap 4.0.0-beta3 4.0.0-beta3.x
getbootstrap / bootstrap 4.0.0-beta2 4.0.0-beta2.x
getbootstrap / bootstrap 4.0.0-beta 4.0.0-beta.x
getbootstrap / bootstrap 4.0.0-alpha6 4.0.0-alpha6.x
getbootstrap / bootstrap 4.0.0-alpha5 4.0.0-alpha5.x
getbootstrap / bootstrap 4.0.0-alpha4 4.0.0-alpha4.x
getbootstrap / bootstrap 4.0.0-alpha3 4.0.0-alpha3.x
getbootstrap / bootstrap 4.0.0-alpha2 4.0.0-alpha2.x
getbootstrap / bootstrap 4.0.0-alpha 4.0.0-alpha.x
getbootstrap / bootstrap - 3.4.0
bootstrap - 4.1.2