Find real vulnerabilities before they ship
Vulnerability Database › packagist › CVE-2018-20677
In Bootstrap before 3.4.0, XSS is possible in the affix configuration target property.
Base Score