twbs/bootstrap

XSS possible in data-target property of scrollspy

Closed this issue · 3 comments

XSS possible in scrollspy data-target attribute
data-target="<img src=1 onerror=alert(123) />"
Bootstrap 4.1.1 in combination with jQuery 3.3.1

Bug reports must include a live demo of the problem. Per our contributing guidelines, please create a reduced test case via CodePen or JS Bin and report back with your link, Bootstrap version, and specific browser and OS details.

https://jsbin.com/toxogipewo/edit?html,output

Browser: Chrome Version 66.0.3359.181 64x
OS: Windows 10 64x

During some tests in the Debian LTS security team, it was determined that Bootstrap 2.0.2, 3.2.0 and 3.3.7 are not affected by this issue.