Miggo Logo
Miggo Vulnerability Database
CVE-2018-14041

CVE-2018-14041: Bootstrap Cross-site Scripting vulnerability

6.1

CVSS Score
3.0

Basic Information

CVE ID
CVE-2018-14041
GHSA ID
GHSA-pj7m-g53m-7638
EPSS Score
0.88969%
CWE
CWE-79
Published
9/13/2018
Updated
8/1/2024
KEV Status
No
Technology
TechnologyJavaScript

Technical Details

CVSS Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Package NameEcosystemVulnerable VersionsFirst Patched Version
bootstrapnpm>= 4.0.0, < 4.1.24.1.2
typo3/cms-corecomposer>= 8.0.0, < 8.7.238.7.23
typo3/cms-corecomposer>= 9.0.0, < 9.5.49.5.4
typo3/cmscomposer>= 8.0.0, < 8.7.238.7.23
typo3/cmscomposer>= 9.0.0, < 9.5.49.5.4
bootstraprubygems>= 4.0.0, < 4.1.24.1.2
twbs/bootstrapcomposer>= 4.0.0, < 4.1.24.1.2
bootstrapnuget>= 4.0.0, < 4.1.24.1.2
bootstrap.sassnuget>= 4.0.0, < 4.1.24.1.2
org.webjars:bootstrapmaven>= 4.0.0, < 4.1.24.1.2

Vulnerability Intelligence
Miggo AIMiggo AI

Miggo AIRoot Cause Analysis:
In progress

WAF Protection Rules

WAF Rule

In *ootstr*p *.x ***or* *.*.*, XSS is possi*l* in t** **t*-t*r**t prop*rty o* s*rollspy. T*is is simil*r to *V*-****-*****.

Reasoning

No *n*lysis *v*il**l*