CVE-2018-14041: Cross-Site Scripting (XSS) in Bootstrap 3.3.7 - Upgrade to Bootstrap 4.1.3

mkdocs / mkdocs-bootstrap

MkDocs Bootstrap Theme

http://mkdocs.github.io/mkdocs-bootstrap/

BSD 2-Clause "Simplified" License

84 stars 38 forks source link

Closed oxr463 closed 5 years ago

oxr463 commented 5 years ago

In Bootstrap before 4.1.2, XSS is possible in the data-target property of scrollspy.

oxr463 commented 5 years ago