CVE-2018-14042 (NVD)- Vulnerability Info (edit)
In Bootstrap before 4.1.2, XSS is possible in the data-container property of tooltip.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') (CWE-79)
|First patch||- None (likely due to unavailable code)|
No patch was assigned yet.