Bootstrap Tagsinput
by Lumiverse
CVEs (1)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2016-1000227 | hig | 0.45 | — | 0.01 | Sep 1, 2020 | All versions of `bootstrap-tagsinput` are vulnerable to cross-site scripting when user input is passed into the `itemTitle` parameter unmodified, as the package fails to properly sanitize or encode user input for that parameter. ## Recommendation This package is not actively… |
- risk 0.45cvss —epss 0.01
All versions of `bootstrap-tagsinput` are vulnerable to cross-site scripting when user input is passed into the `itemTitle` parameter unmodified, as the package fails to properly sanitize or encode user input for that parameter. ## Recommendation This package is not actively…