CVE-2018-14040

In Bootstrap before 4.1.2, XSS is possible in the collapse data-parent attribute.

We have discovered 458,137 live websites that are affected by CVE-2018-14040.

Run a Free Instant Scan



Affected Software

Product  Bootstrap
Category UI Frameworks
Vulnerable Domains458,137 live websites (51% of Bootstrap install base)
Vulnerable Versions
  • from 0 through 4.1.2
Vulnerable Versions Count83 versions ( 48% of all versions)



Details

  • Published - Jul 13, 2018
  • Updated - Aug 5, 2024

Website Distribution by Country

Number of websites using CVE-2018-14040
United States181,802 websites


Germany27,807 websites
France18,890 websites
Netherlands17,765 websites
GB17,226 websites
Cyprus14,979 websites
Russia14,107 websites
Brazil10,692 websites
Italy9,891 websites
India9,547 websites

Website Distribution by TLD

Number of websites using CVE-2018-14040
.com203,810 websites
.org22,497 websites
.net15,860 websites
.de14,731 websites
.co.uk12,856 websites
.nl12,666 websites
.ru11,647 websites
.com.br9,781 websites
.fr7,789 websites
.it7,616 websites

Vulnerable Versions

Vulnerable versions are highlighted in red

Websites affected by CVE-2018-14040

Top websites that are affected by CVE-2018-14040. Please click on the "Contact us" link to get more information.
DomainCountryRankContacts
********.****.br Brazil**
********.com United States***
******.com United States***
**.com Singapore***
*********.com Canada***
*********.com United States***
*****.******.com United States*,***
****.org France*,***
*******.com United States*,***
************.com United States*,***
See full domain list

FAQ

A total of 458,137 websites have been identified as vulnerable to CVE-2018-14040, based on global website indexing conducted by WebTechSurvey.
The Bootstrap is affected by the CVE-2018-14040 vulnerability.
Bootstrap versions up to and including 4.1.2 are vulnerable to CVE-2018-14040.

References