Pranav Yogi Lodha created IMPALA-14834:
------------------------------------------
Summary: Upgrade Bootstrap to 5.0+ due to CVE-2024-6531
Key: IMPALA-14834
URL: https://issues.apache.org/jira/browse/IMPALA-14834
Project: IMPALA
Issue Type: Bug
Reporter: Pranav Yogi Lodha
CVE-2024-6531: A vulnerability has been identified in Bootstrap that exposes
users to Cross-Site Scripting (XSS) attacks. The issue is present in the
carousel component, where the data-slide and data-slide-to attributes can be
exploited through the href attribute of an <a> tag due to inadequate
sanitization. This vulnerability could potentially enable attackers to execute
arbitrary JavaScript within the victim's browser.
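Until the upgrade lands, the web UI's templates can be audited for the pattern the description names. The following is an added example, not part of the original report or of Impala's code: it flags `<a>` carousel controls (`data-slide` / `data-slide-to`) whose `href` is anything other than a same-page `#id` fragment. The function names, the sample markup and the "plain fragment only" rule are assumptions made for illustration.

```python
from html.parser import HTMLParser

# Attributes that mark an <a> tag as a carousel control (named in the report).
CAROUSEL_ATTRS = {"data-slide", "data-slide-to"}


def is_fragment(href):
    """True only for a same-page '#id' reference (assumed safe form)."""
    return (len(href) > 1 and href[0] == "#"
            and all(c.isalnum() or c in "-_" for c in href[1:]))


class CarouselHrefAudit(HTMLParser):
    """Collects (line, href) for carousel controls with a non-fragment href."""

    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.findings = []

    def handle_starttag(self, tag, attrs):
        # html.parser lower-cases tag and attribute names and decodes
        # character references in attribute values before this call.
        attr = {name: (value or "") for name, value in attrs}
        if tag != "a" or "href" not in attr:
            return
        if not CAROUSEL_ATTRS & attr.keys():
            return
        href = attr["href"].strip()
        if not is_fragment(href):
            self.findings.append((self.getpos()[0], href))


def audit(html_text):
    parser = CarouselHrefAudit()
    parser.feed(html_text)
    parser.close()
    return parser.findings


# Constructed sample markup, not taken from any real template.
SAMPLE = """\
<div id="queryCarousel" class="carousel slide">
  <a class="carousel-control-prev" href="#queryCarousel" data-slide="prev">Prev</a>
  <a href="javascript:void(0)" data-slide="next">Next</a>
  <a href="https://example.invalid/page" data-slide-to="1">1</a>
  <a href="/docs">Docs</a>
</div>
"""

if __name__ == "__main__":
    for line, href in audit(SAMPLE):
        print(f"line {line}: carousel control with non-fragment href {href!r}")
```

A clean result from this audit only covers static markup; it does not cover `href` values assembled at runtime, so it complements the upgrade rather than replacing it.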