npm package
bootstrap-select
pkg:npm/bootstrap-select
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2019-20921 | — | < 1.13.6 | 1.13.6 | Sep 30, 2020 | bootstrap-select before 1.13.6 allows Cross-Site Scripting (XSS). It does not escape title values in OPTION elements. This may allow attackers to execute arbitrary JavaScript in a victim's browser. |
- CVE-2019-20921Sep 30, 2020affected < 1.13.6fixed 1.13.6
bootstrap-select before 1.13.6 allows Cross-Site Scripting (XSS). It does not escape title values in OPTION elements. This may allow attackers to execute arbitrary JavaScript in a victim's browser.