Description
In Bootstrap 3.x before 3.4.0 and 4.x-beta before 4.0.0-beta.2, XSS is possible in the data-target attribute, a different vulnerability than CVE-2018-14041.
Remediation
References
Related Vulnerabilities
WordPress Plugin WP Import Export Information Disclosure (3.9.15)
Apache Denial of service in mod_lua r:parsebody Vulnerability (CVE-2022-29404)
WordPress Plugin Mingle Forum Multiple Cross-Site Request Forgery Vulnerabilities (1.0.34)
Apache HTTP Server Session Fixation Vulnerability (CVE-2001-1534)
WordPress Plugin Elementor Addon Elements Cross-Site Request Forgery (1.11.7)