VYPR

npm package

bootstrap-tagsinput

pkg:npm/bootstrap-tagsinput

Vulnerabilities (1)

  • CVE-2016-1000227higSep 1, 2020
    affected <= 0.8.0

    All versions of `bootstrap-tagsinput` are vulnerable to cross-site scripting when user input is passed into the `itemTitle` parameter unmodified, as the package fails to properly sanitize or encode user input for that parameter. ## Recommendation This package is not actively