CVE-2018-14040

CVE-2018-14040

In Bootstrap before 4.1.2, XSS is possible in the collapse data-parent attribute.

Source: CVE-2018-14040