Description
A vulnerability has been identified in Bootstrap that exposes users to Cross-Site Scripting (XSS) attacks. The issue is present in the carousel component, where the data-slide and data-slide-to attributes can be exploited through the href attribute of an <a> tag due to inadequate sanitization. This vulnerability could potentially enable attackers to execute arbitrary JavaScript within the victim's browser.
Remediation
References
Related Vulnerabilities
WordPress Plugin Register IPs Unspecified Vulnerability (1.8.0)
WordPress Multiple Cross-Site Scripting Vulnerabilities (2.0.11 - 2.3)
MySQL CVE-2013-0368 Vulnerability (CVE-2013-0368)
WordPress Plugin SVG Support Cross-Site Scripting (2.5.1)
Jenkins Improper Input Validation Vulnerability (CVE-2016-0789)