Required CVE Record Information
Description
In Bootstrap 3.x before 3.4.0 and 4.x-beta before 4.0.0-beta.2, XSS is possible in the data-target attribute, a different vulnerability than CVE-2018-14041.
References 13 Total
- https://github.com/twbs/bootstrap/issues/27915#issuecomment-452140906
- https://github.com/twbs/bootstrap/pull/26460
- https://github.com/twbs/bootstrap/issues/20184
- https://github.com/twbs/bootstrap/pull/23687
- https://github.com/twbs/bootstrap/pull/23679
- https://blog.getbootstrap.com/2018/12/13/bootstrap-3-4-0/
- access.redhat.com: RHSA-2019:1456 vendor-advisory
- access.redhat.com: RHBA-2019:1076 vendor-advisory
- access.redhat.com: RHBA-2019:1570 vendor-advisory
- access.redhat.com: RHSA-2019:3023 vendor-advisory
- access.redhat.com: RHSA-2020:0132 vendor-advisory
- access.redhat.com: RHSA-2020:0133 vendor-advisory
- https://www.tenable.com/security/tns-2021-14
Updated:
This container includes required additional information provided by the CVE Program for this vulnerability.
References 13 Total
- https://github.com/twbs/bootstrap/issues/27915#issuecomment-452140906 x_transferred
- https://github.com/twbs/bootstrap/pull/26460 x_transferred
- https://github.com/twbs/bootstrap/issues/20184 x_transferred
- https://github.com/twbs/bootstrap/pull/23687 x_transferred
- https://github.com/twbs/bootstrap/pull/23679 x_transferred
- https://blog.getbootstrap.com/2018/12/13/bootstrap-3-4-0/ x_transferred
- access.redhat.com: RHSA-2019:1456 vendor-advisoryx_transferred
- access.redhat.com: RHBA-2019:1076 vendor-advisoryx_transferred
- access.redhat.com: RHBA-2019:1570 vendor-advisoryx_transferred
- access.redhat.com: RHSA-2019:3023 vendor-advisoryx_transferred
- access.redhat.com: RHSA-2020:0132 vendor-advisoryx_transferred
- access.redhat.com: RHSA-2020:0133 vendor-advisoryx_transferred
- https://www.tenable.com/security/tns-2021-14 x_transferred