Bootstrap-3-Typeahead Project: Security Vulnerabilities
Bootstrap-3-Typeahead after version 4.0.2 is vulnerable to a cross-site scripting flaw in the highlighter() function. An attacker could exploit this via user interaction to execute code in the user's browser.
CVSS Score
6.1
EPSS Score
0.004
Published
2019-10-08