The IT department ran a tool to determine how secure is our site, which was detected the following vulnerability
Vulnerable javascript library: Bootstrap version: 4.0.0-beta
Details: CVE-2018-14041: The data-target property of scrollspy in bootstrap versions on or above 4.0.0-alpha and before 4.1.2 are vulnerable to Cross-Site Scripting(XSS) attacks. Please refer to vendor documentation (https://github.com/twbs/bootstrap/issues/20184) for the latest security updates.
CVE-2018-14040: Bootstrap versions on or above 4.0.0-alpha and before 4.1.2 are vulnerable to Cross-Site Scripting(XSS) in collapse data-parent attribute. Please refer to vendor documentation (https://github.com/twbs/bootstrap/issues/20184) for latest security updates.
CVE-2018-14042: Bootstrap versions on or above 4.0.0-alpha and before 4.1.2 are vulnerable to Cross-Site Scripting(XSS) in data-container property of tooltip. Please refer to vendor documentation (https://github.com/twbs/bootstrap/issues/20184) for latest security updates.
Can you support me to update the bootstrap version?
The IT department ran a tool to determine how secure is our site, which was detected the following vulnerability
Vulnerable javascript library: Bootstrap version: 4.0.0-beta Details: CVE-2018-14041: The data-target property of scrollspy in bootstrap versions on or above 4.0.0-alpha and before 4.1.2 are vulnerable to Cross-Site Scripting(XSS) attacks. Please refer to vendor documentation (https://github.com/twbs/bootstrap/issues/20184) for the latest security updates.
CVE-2018-14040: Bootstrap versions on or above 4.0.0-alpha and before 4.1.2 are vulnerable to Cross-Site Scripting(XSS) in collapse data-parent attribute. Please refer to vendor documentation (https://github.com/twbs/bootstrap/issues/20184) for latest security updates.
CVE-2018-14042: Bootstrap versions on or above 4.0.0-alpha and before 4.1.2 are vulnerable to Cross-Site Scripting(XSS) in data-container property of tooltip. Please refer to vendor documentation (https://github.com/twbs/bootstrap/issues/20184) for latest security updates.
Can you support me to update the bootstrap version?