[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2018-14042":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T02:55:30.529Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":44,"aliases":54,"duplicate_of":9,"upstream":56,"downstream":57,"duplicates":82,"related":83,"reserved_at":9,"published_at":86,"modified_at":87,"state":88,"summary":89,"references_raw":97,"kevs":240,"epss":241,"epss_history":244,"metrics":506,"affected":523},"CVE-2018-14042","In Bootstrap before 4.1.2, XSS is possible in the data-container property of tooltip.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-79","Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')","The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.","weakness","Stable","Base","High",[20,24,28,32,36,40],{"id":21,"name":22,"techniques":23},"CAPEC-209","XSS Using MIME Type Mismatch",[],{"id":25,"name":26,"techniques":27},"CAPEC-588","DOM-Based XSS",[],{"id":29,"name":30,"techniques":31},"CAPEC-591","Reflected XSS",[],{"id":33,"name":34,"techniques":35},"CAPEC-592","Stored XSS",[],{"id":37,"name":38,"techniques":39},"CAPEC-63","Cross-Site Scripting (XSS)",[],{"id":41,"name":42,"techniques":43},"CAPEC-85","AJAX Footprinting",[],[45],{"_key":46,"name":47,"source":48,"url":49,"maturity":50,"reliability_score":51,"verified":52,"type":9,"platforms":53,"requires_auth":9,"exploitdb":9,"metasploit":9},"GITHUB_TWBS_BOOTSTRAP","Bootstrap","github","https://github.com/twbs/bootstrap/issues/20184","poc",0.3,false,[],[55],"GHSA-7mvr-5x2g-wfc8",[],[58,60,62,64,66,68,70,72,74,76,78,80],{"_key":59},"UBUNTU-CVE-2018-14042",{"_key":61},"DEBIAN-CVE-2018-14042",{"_key":63},"RHSA-2020:3936",{"_key":65},"RHSA-2020:4670",{"_key":67},"RHSA-2020:5571",{"_key":69},"RHSA-2020:4847",{"_key":71},"RHSA-2023:0552",{"_key":73},"RHSA-2023:0553",{"_key":75},"RHSA-2023:0554",{"_key":77},"RHSA-2023:1043",{"_key":79},"RHSA-2023:1044",{"_key":81},"RHSA-2023:1045",[],[84],{"_key":85},"CGA-G286-46FR-375R","2018-07-13T14:00:00.000Z","2024-08-05T09:21:41.010Z","Modified",{"cisa_kev":52,"cisa_ransomware":52,"cisa_vendor":9,"epss_severity":90,"epss_score":91,"severity":92,"severity_score":93,"severity_version":94,"severity_source":95,"severity_vector":96,"severity_status":88},"low",0.02281,"medium",6.1,"v3.0","nvd","CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",[98,109,114,118,122,127,131,135,139,144,148,152,156,163,167,172,177,182,187,191,195,199,203,207,211,215,219,223,228,232,236],{"url":99,"sources":100,"tags":105},"https://seclists.org/bugtraq/2019/May/18",[101,95,102,103,104],"cve.org","osv_npm","osv_maven","osv_nuget",[106,107,108],"Mailing List","X Refsource BUGTRAQ","WEB",{"url":110,"sources":111,"tags":112},"http://seclists.org/fulldisclosure/2019/May/11",[101,95,102,103,104],[106,113,108],"X Refsource FULLDISC",{"url":115,"sources":116,"tags":117},"http://seclists.org/fulldisclosure/2019/May/10",[101,95,102,103,104],[106,113,108],{"url":119,"sources":120,"tags":121},"http://seclists.org/fulldisclosure/2019/May/13",[101,95,102,103,104],[106,113,108],{"url":123,"sources":124,"tags":125},"https://lists.apache.org/thread.html/52e0e6b5df827ee7f1e68f7cc3babe61af3b2160f5d74a85469b7b0e%40%3Cdev.superset.apache.org%3E",[101,95],[106,126],"X Refsource MLIST",{"url":128,"sources":129,"tags":130},"https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442%40%3Cdev.drill.apache.org%3E",[101,95],[106,126],{"url":132,"sources":133,"tags":134},"https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f%40%3Cdev.drill.apache.org%3E",[101,95],[106,126],{"url":136,"sources":137,"tags":138},"https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc%40%3Cissues.drill.apache.org%3E",[101,95],[106,126],{"url":140,"sources":141,"tags":142},"http://packetstormsecurity.com/files/156743/OctoberCMS-Insecure-Dependencies.html",[101,95,102,103,104],[143,108],"X Refsource MISC",{"url":145,"sources":146,"tags":147},"https://lists.apache.org/thread.html/r3dc0cac8d856bca02bd6997355d7ff83027dcfc82f8646a29b89b714%40%3Cissues.hbase.apache.org%3E",[101,95],[106,126],{"url":149,"sources":150,"tags":151},"https://lists.apache.org/thread.html/rd0e44e8ef71eeaaa3cf3d1b8b41eb25894372e2995ec908ce7624d26%40%3Ccommits.pulsar.apache.org%3E",[101,95],[106,126],{"url":153,"sources":154,"tags":155},"https://www.oracle.com/security-alerts/cpuApr2021.html",[101,95,102,103,104],[143,108],{"url":157,"sources":158,"tags":159},"https://github.com/twbs/bootstrap/pull/26630",[101,95,102,103,104],[143,160,161,162,108],"Issue Tracking","Patch","Third Party Advisory",{"url":164,"sources":165,"tags":166},"https://github.com/twbs/bootstrap/issues/26423",[101,95,102,103,104],[143,160,162,108],{"url":168,"sources":169,"tags":170},"https://blog.getbootstrap.com/2018/07/12/bootstrap-4-1-2/",[101,95],[143,171],"Vendor Advisory",{"url":173,"sources":174,"tags":175},"https://github.com/twbs/bootstrap/issues/26628",[101,95,102,103,104],[143,176,160,162,108],"Exploit",{"url":178,"sources":179,"tags":180},"https://www.tenable.com/security/tns-2021-14",[101,95,102,103,104],[181,108],"X Refsource CONFIRM",{"url":183,"sources":184,"tags":185},"https://nvd.nist.gov/vuln/detail/CVE-2018-14042",[102,103,104],[186],"Advisory",{"url":188,"sources":189,"tags":190},"https://github.com/twbs/bootstrap/issues/26428",[102,103,104],[108],{"url":192,"sources":193,"tags":194},"https://github.com/twbs/bootstrap/commit/2a5ba23ce8f041f3548317acc992ed8a736b609d",[102,103,104],[108],{"url":196,"sources":197,"tags":198},"https://github.com/twbs/bootstrap/commit/2d90d369bbc2bd2647620246c55cec8c4705e3d0",[102,103,104],[108],{"url":200,"sources":201,"tags":202},"https://lists.apache.org/thread.html/rd0e44e8ef71eeaaa3cf3d1b8b41eb25894372e2995ec908ce7624d26@%3Ccommits.pulsar.apache.org%3E",[102,103,104],[108],{"url":204,"sources":205,"tags":206},"https://lists.apache.org/thread.html/r3dc0cac8d856bca02bd6997355d7ff83027dcfc82f8646a29b89b714@%3Cissues.hbase.apache.org%3E",[102,103,104],[108],{"url":208,"sources":209,"tags":210},"https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E",[102,103,104],[108],{"url":212,"sources":213,"tags":214},"https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E",[102,103,104],[108],{"url":216,"sources":217,"tags":218},"https://lists.apache.org/thread.html/52e0e6b5df827ee7f1e68f7cc3babe61af3b2160f5d74a85469b7b0e@%3Cdev.superset.apache.org%3E",[102,103,104],[108],{"url":220,"sources":221,"tags":222},"https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E",[102,103,104],[108],{"url":224,"sources":225,"tags":226},"https://github.com/twbs/bootstrap",[102,103,104],[227],"PACKAGE",{"url":229,"sources":230,"tags":231},"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/bootstrap/CVE-2018-14042.yml",[102,103,104],[108],{"url":233,"sources":234,"tags":235},"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/bootstrap-sass/CVE-2018-14042.yml",[102,103,104],[108],{"url":237,"sources":238,"tags":239},"https://blog.getbootstrap.com/2018/07/12/bootstrap-4-1-2",[102,103,104],[108],[],{"date":242,"score":91,"percentile":243},"2026-06-04",0.84981,[245,249,252,255,258,261,264,267,270,273,276,279,282,285,288,292,295,298,301,304,306,308,311,314,316,318,321,324,328,331,333,336,339,342,344,347,350,353,356,359,362,365,368,371,374,377,380,383,386,389,392,395,398,401,405,408,411,414,417,420,423,426,429,431,434,437,439,442,445,447,449,452,455,457,460,463,466,469,472,475,478,481,484,487,490,493,495,497,500,503],{"date":246,"score":247,"percentile":248},"2025-11-04",0.01985,0.8299,{"date":250,"score":247,"percentile":251},"2025-11-05",0.82995,{"date":253,"score":247,"percentile":254},"2025-11-06",0.82998,{"date":256,"score":247,"percentile":257},"2025-11-07",0.83007,{"date":259,"score":247,"percentile":260},"2025-11-08",0.83014,{"date":262,"score":247,"percentile":263},"2025-11-09",0.83009,{"date":265,"score":247,"percentile":266},"2025-11-10",0.83003,{"date":268,"score":247,"percentile":269},"2025-11-11",0.83011,{"date":271,"score":247,"percentile":272},"2025-11-12",0.83021,{"date":274,"score":247,"percentile":275},"2025-11-13",0.83026,{"date":277,"score":247,"percentile":278},"2025-11-14",0.83029,{"date":280,"score":247,"percentile":281},"2025-11-15",0.83022,{"date":283,"score":247,"percentile":284},"2025-11-16",0.83024,{"date":286,"score":247,"percentile":287},"2025-11-17",0.8302,{"date":289,"score":290,"percentile":291},"2025-11-18",0.04248,0.87676,{"date":293,"score":290,"percentile":294},"2025-11-19",0.87682,{"date":296,"score":290,"percentile":297},"2025-11-20",0.87687,{"date":299,"score":247,"percentile":300},"2025-11-21",0.83034,{"date":302,"score":247,"percentile":303},"2025-11-22",0.83035,{"date":305,"score":247,"percentile":278},"2025-11-23",{"date":307,"score":247,"percentile":278},"2025-11-24",{"date":309,"score":247,"percentile":310},"2025-11-25",0.83032,{"date":312,"score":247,"percentile":313},"2025-11-26",0.83033,{"date":315,"score":247,"percentile":310},"2025-11-27",{"date":317,"score":247,"percentile":281},"2025-11-28",{"date":319,"score":247,"percentile":320},"2025-11-29",0.83036,{"date":322,"score":247,"percentile":323},"2025-11-30",0.83039,{"date":325,"score":326,"percentile":327},"2025-12-01",0.04429,0.88657,{"date":329,"score":326,"percentile":330},"2025-12-02",0.88658,{"date":332,"score":326,"percentile":327},"2025-12-03",{"date":334,"score":247,"percentile":335},"2025-12-04",0.8304,{"date":337,"score":247,"percentile":338},"2025-12-05",0.83046,{"date":340,"score":247,"percentile":341},"2025-12-06",0.83043,{"date":343,"score":247,"percentile":335},"2025-12-07",{"date":345,"score":247,"percentile":346},"2025-12-08",0.83042,{"date":348,"score":247,"percentile":349},"2025-12-09",0.83057,{"date":351,"score":247,"percentile":352},"2025-12-10",0.83081,{"date":354,"score":247,"percentile":355},"2025-12-11",0.83096,{"date":357,"score":247,"percentile":358},"2025-12-12",0.83105,{"date":360,"score":247,"percentile":361},"2025-12-13",0.83103,{"date":363,"score":247,"percentile":364},"2025-12-14",0.831,{"date":366,"score":247,"percentile":367},"2025-12-15",0.83101,{"date":369,"score":247,"percentile":370},"2025-12-16",0.83112,{"date":372,"score":247,"percentile":373},"2025-12-17",0.8312,{"date":375,"score":247,"percentile":376},"2025-12-18",0.83127,{"date":378,"score":247,"percentile":379},"2025-12-19",0.83131,{"date":381,"score":247,"percentile":382},"2025-12-20",0.83124,{"date":384,"score":247,"percentile":385},"2025-12-21",0.83123,{"date":387,"score":247,"percentile":388},"2025-12-22",0.83125,{"date":390,"score":247,"percentile":391},"2025-12-23",0.83132,{"date":393,"score":247,"percentile":394},"2025-12-24",0.8314,{"date":396,"score":247,"percentile":397},"2025-12-25",0.83154,{"date":399,"score":247,"percentile":400},"2025-12-26",0.83158,{"date":402,"score":403,"percentile":404},"2025-12-27",0.01057,0.77152,{"date":406,"score":247,"percentile":407},"2025-12-28",0.83146,{"date":409,"score":247,"percentile":410},"2025-12-29",0.83142,{"date":412,"score":247,"percentile":413},"2025-12-30",0.83148,{"date":415,"score":247,"percentile":416},"2025-12-31",0.83161,{"date":418,"score":326,"percentile":419},"2026-01-01",0.88739,{"date":421,"score":326,"percentile":422},"2026-01-02",0.88734,{"date":424,"score":326,"percentile":425},"2026-01-03",0.88731,{"date":427,"score":247,"percentile":428},"2026-01-04",0.83144,{"date":430,"score":247,"percentile":394},"2026-01-05",{"date":432,"score":247,"percentile":433},"2026-01-06",0.83145,{"date":435,"score":247,"percentile":436},"2026-01-07",0.83147,{"date":438,"score":247,"percentile":397},"2026-01-08",{"date":440,"score":247,"percentile":441},"2026-01-09",0.83155,{"date":443,"score":247,"percentile":444},"2026-01-10",0.83152,{"date":446,"score":247,"percentile":413},"2026-01-11",{"date":448,"score":247,"percentile":433},"2026-01-12",{"date":450,"score":247,"percentile":451},"2026-01-13",0.83139,{"date":453,"score":247,"percentile":454},"2026-01-14",0.8316,{"date":456,"score":247,"percentile":400},"2026-01-15",{"date":458,"score":247,"percentile":459},"2026-01-16",0.83166,{"date":461,"score":247,"percentile":462},"2026-01-17",0.83169,{"date":464,"score":247,"percentile":465},"2026-01-18",0.83168,{"date":467,"score":247,"percentile":468},"2026-01-19",0.83164,{"date":470,"score":247,"percentile":471},"2026-01-20",0.83165,{"date":473,"score":247,"percentile":474},"2026-01-21",0.8317,{"date":476,"score":247,"percentile":477},"2026-01-22",0.83177,{"date":479,"score":247,"percentile":480},"2026-01-23",0.83197,{"date":482,"score":247,"percentile":483},"2026-01-24",0.83205,{"date":485,"score":247,"percentile":486},"2026-01-25",0.83199,{"date":488,"score":247,"percentile":489},"2026-01-26",0.83198,{"date":491,"score":247,"percentile":492},"2026-01-27",0.83195,{"date":494,"score":247,"percentile":480},"2026-01-28",{"date":496,"score":247,"percentile":486},"2026-01-29",{"date":498,"score":247,"percentile":499},"2026-01-30",0.83202,{"date":501,"score":247,"percentile":502},"2026-01-31",0.83208,{"date":504,"score":326,"percentile":505},"2026-02-01",0.88795,[507,517,519,521],{"source":95,"cvss_v2_0":508,"cvss_v3_0":513,"cvss_v3_1":9,"cvss_v4_0":9},{"baseScore":509,"baseSeverity":9,"vectorString":510,"impactScore":511,"exploitabilityScore":512},4.3,"AV:N/AC:M/Au:N/C:N/I:P/A:N",2.9,8.6,{"baseScore":93,"baseSeverity":514,"vectorString":96,"impactScore":515,"exploitabilityScore":516},"MEDIUM",4.5,7.2,{"source":102,"cvss_v2_0":9,"cvss_v3_0":518,"cvss_v3_1":9,"cvss_v4_0":9},{"baseScore":93,"baseSeverity":9,"vectorString":96,"impactScore":515,"exploitabilityScore":516},{"source":103,"cvss_v2_0":9,"cvss_v3_0":520,"cvss_v3_1":9,"cvss_v4_0":9},{"baseScore":93,"baseSeverity":9,"vectorString":96,"impactScore":515,"exploitabilityScore":516},{"source":104,"cvss_v2_0":9,"cvss_v3_0":522,"cvss_v3_1":9,"cvss_v4_0":9},{"baseScore":93,"baseSeverity":9,"vectorString":96,"impactScore":515,"exploitabilityScore":516},[524,543,549,553,580,588,595,600,606],{"ecosystem":525,"name":526,"vendor":527,"product":528,"cpe_part":9,"purl_type":529,"purl_namespace":527,"purl_name":528,"source":9,"versions":530},"Packagist","twbs/bootstrap","twbs","bootstrap","composer",[531,539],{"version":532,"is_range":533,"range_type":534,"version_start":535,"version_start_type":536,"version_end":537,"version_end_type":538,"fixed_in":9},"gte4_0_0_lt4_1_2",true,"ecosystem","4.0.0","including","4.1.2","excluding",{"version":540,"is_range":533,"range_type":534,"version_start":541,"version_start_type":536,"version_end":542,"version_end_type":538,"fixed_in":9},"gte2_3_0_lt3_4_0","2.3.0","3.4.0",{"ecosystem":544,"name":528,"vendor":544,"product":528,"cpe_part":9,"purl_type":545,"purl_namespace":9,"purl_name":528,"source":9,"versions":546},"RubyGems","gem",[547,548],{"version":532,"is_range":533,"range_type":534,"version_start":535,"version_start_type":536,"version_end":537,"version_end_type":538,"fixed_in":9},{"version":540,"is_range":533,"range_type":534,"version_start":541,"version_start_type":536,"version_end":542,"version_end_type":538,"fixed_in":9},{"ecosystem":544,"name":550,"vendor":544,"product":550,"cpe_part":9,"purl_type":545,"purl_namespace":9,"purl_name":550,"source":9,"versions":551},"bootstrap-sass",[552],{"version":540,"is_range":533,"range_type":534,"version_start":541,"version_start_type":536,"version_end":542,"version_end_type":538,"fixed_in":9},{"ecosystem":9,"name":528,"vendor":554,"product":528,"cpe_part":555,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":556},"getbootstrap","a",[557,560,562,564,566,568,570,572,574,576,578],{"version":558,"is_range":533,"range_type":559,"version_start":9,"version_start_type":9,"version_end":542,"version_end_type":538,"fixed_in":9},"lt3.4.0","cpe",{"version":561,"is_range":533,"range_type":559,"version_start":535,"version_start_type":536,"version_end":537,"version_end_type":538,"fixed_in":9},"gte4.0.0_lt4.1.2",{"version":563,"is_range":52,"range_type":559,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"4.0.0:alpha",{"version":565,"is_range":52,"range_type":559,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"4.0.0:alpha2",{"version":567,"is_range":52,"range_type":559,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"4.0.0:alpha3",{"version":569,"is_range":52,"range_type":559,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"4.0.0:alpha4",{"version":571,"is_range":52,"range_type":559,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"4.0.0:alpha5",{"version":573,"is_range":52,"range_type":559,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"4.0.0:alpha6",{"version":575,"is_range":52,"range_type":559,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"4.0.0:beta",{"version":577,"is_range":52,"range_type":559,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"4.0.0:beta2",{"version":579,"is_range":52,"range_type":559,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"4.0.0:beta3",{"ecosystem":581,"name":582,"vendor":583,"product":528,"cpe_part":9,"purl_type":584,"purl_namespace":583,"purl_name":528,"source":9,"versions":585},"Maven","org.webjars:bootstrap","org.webjars","maven",[586,587],{"version":532,"is_range":533,"range_type":534,"version_start":535,"version_start_type":536,"version_end":537,"version_end_type":538,"fixed_in":9},{"version":540,"is_range":533,"range_type":534,"version_start":541,"version_start_type":536,"version_end":542,"version_end_type":538,"fixed_in":9},{"ecosystem":589,"name":528,"vendor":589,"product":528,"cpe_part":9,"purl_type":590,"purl_namespace":9,"purl_name":528,"source":9,"versions":591},"Npm","npm",[592,594],{"version":532,"is_range":533,"range_type":593,"version_start":535,"version_start_type":536,"version_end":537,"version_end_type":538,"fixed_in":9},"semver",{"version":540,"is_range":533,"range_type":593,"version_start":541,"version_start_type":536,"version_end":542,"version_end_type":538,"fixed_in":9},{"ecosystem":589,"name":550,"vendor":589,"product":550,"cpe_part":9,"purl_type":590,"purl_namespace":9,"purl_name":550,"source":9,"versions":596},[597],{"version":598,"is_range":533,"range_type":593,"version_start":599,"version_start_type":536,"version_end":542,"version_end_type":538,"fixed_in":9},"gte2_0_4_lt3_4_0","2.0.4",{"ecosystem":601,"name":528,"vendor":601,"product":528,"cpe_part":9,"purl_type":602,"purl_namespace":9,"purl_name":528,"source":9,"versions":603},"NuGet","nuget",[604,605],{"version":532,"is_range":533,"range_type":534,"version_start":535,"version_start_type":536,"version_end":537,"version_end_type":538,"fixed_in":9},{"version":540,"is_range":533,"range_type":534,"version_start":541,"version_start_type":536,"version_end":542,"version_end_type":538,"fixed_in":9},{"ecosystem":601,"name":607,"vendor":601,"product":607,"cpe_part":9,"purl_type":602,"purl_namespace":9,"purl_name":607,"source":9,"versions":608},"bootstrap.sass",[609],{"version":532,"is_range":533,"range_type":534,"version_start":535,"version_start_type":536,"version_end":537,"version_end_type":538,"fixed_in":9}]