LOGIN
CONTACT SALES
LOGIN
CONTACT SALES

Bootstrap – CVE-2018-14040

Description

Cytrix has detected that the version of Bootstrap being used is vulnerable to Cross-site scripting (XSS).

Cross-site scripting (XSS) is possible through the collapse data-parent attribute. Also known as CVE-2018-14040.
This will allow the attacker to add and modify the data.

Severity/Score

CVSS Version 3.x – 6.1 Medium

Recommendation

To deal with CVE-2018-14040, update the version of the Bootstrap being used.
Make sure its version is 4.1.2 or higher.

Some claim that upgrading to version 3.4.1 would be enough. Depends on your personal choice.

References

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14040

https://cwe.mitre.org/data/definitions/79.html

< Return to all Vulnerabilities

Request a Demo

What is Cytrix

Cytrix scanner is helping all businesses, both SMBs and enterprises, to test their online assets and products for over 30,000+ vulnerabilities.Cytrix’s mission is to make

Read More »

The Cloud

I’m pretty sure there isn’t a single adult in the world who hasn’t at least heard of The Cloud. Explaining “The Cloud” in 2022 may

Read More »

Passwords 101

Unlike basketballs, “passwords” are things we don’t want to be passed around, especially in a society built around the idea that “mystery” is appealing. We

Read More »
Facebook Linkedin

Company

Resources

Docs

Latest posts

PING US
Facebook Linkedin