mirrors/bootstrap
2
0
Fork 0
mirror of https://github.com/tenrok/bootstrap.git synced 2026-06-08 17:22:31 +03:00
Code Activity

Fix/xss issues on data attributes (#27047)

Browse Source 
* fix(collapse): xss CVE-2018-14040

Fixes #26625

* fix(tooltip): xss CVE-2018-14042

Fixes #26628

* fix(tooltip): XSS on data-viewport attribute

Fixes #27044

* fix(affix): XSS on target config

Fixes #27045
This commit is contained in:
don-spyker
2018-08-13 18:09:18 +02:00
committed by Johann-S
parent 13bf8aeae3
commit 2a5ba23ce8
6 changed files with 49 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files
js/collapse.js
+1 -1
View File
@@ -137,7 +137,7 @@
}
Collapse.prototype.getParent = function () {
return $(this.options.parent)
return $(document).find(this.options.parent)
.find('[data-toggle="collapse"][data-parent="' + this.options.parent + '"]')
.each($.proxy(function (i, element) {
var $element = $(element)