Bootstrap-3-Typeahead after version 4.0.2 is vulnerable to a cross-site scripting flaw in the highlighter() function. An attacker could exploit this via user interaction to execute code in the user's browser.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
bootstrap-3-typeahead project bootstrap-3-typeahead |