Page 2 of 6 results (0.020 seconds)

CVSS: 6.1EPSS: 0%CPEs: 11EXPL: 3

In Bootstrap before 4.1.2, XSS is possible in the data-container property of tooltip. En Bootstrap en versiones anteriores a la 4.1.2, es posible Cross-Site Scripting (XSS) en la propiedad data-container de tooltip. • https://github.com/ossf-cve-benchmark/CVE-2018-14042 https://github.com/Snorlyd/https-nj.gov---CVE-2018-14042 http://packetstormsecurity.com/files/156743/OctoberCMS-Insecure-Dependencies.html http://seclists.org/fulldisclosure/2019/May/10 http://seclists.org/fulldisclosure/2019/May/11 http://seclists.org/fulldisclosure/2019/May/13 https://blog.getbootstrap.com/2018/07/12/bootstrap-4-1-2 https://github.com/twbs/bootstrap/issues/26423 https://github.com/twbs/bootstrap/issues/2 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •