Upgrade Bootstrap from v3 to v4

Question

bow-fujita opened this issue 6 years ago · comments

Vulnerable versions: < 4.1.2
Patched version: 4.1.2

In Bootstrap before 4.1.2, XSS is possible in the data-target property of scrollspy. This is similar to CVE-2018-14042.

Hiro Fujita · Answer 1 · Tue Oct 30 2018 08:01:00 GMT+0800 (China Standard Time)

Check out this SO article to migrate Glyphicons to FontAwesome.