VYPR

Bootstrap Tagsinput

by Lumiverse

CVEs (1)

  • CVE-2016-1000227higSep 1, 2020
    risk 0.45cvss epss 0.01

    All versions of `bootstrap-tagsinput` are vulnerable to cross-site scripting when user input is passed into the `itemTitle` parameter unmodified, as the package fails to properly sanitize or encode user input for that parameter. ## Recommendation This package is not actively…