CVE-2018-14040 (NVD)- Vulnerability Info (edit)
In Bootstrap before 4.1.2, XSS is possible in the collapse data-parent attribute.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') (CWE-79)
|First patch||- None (likely due to unavailable code)|
No patch was assigned yet.