Description
In Bootstrap before 4.1.2, XSS is possible in the data-container property of tooltip.
Remediation
References
Related Vulnerabilities
WordPress Plugin Crazy Bone Cross-Site Scripting (0.5.6)
WordPress Plugin Persian Woocommerce SMS Cross-Site Scripting (3.3.2)
Drupal Core 9.0.0 Security Bypass (9.0.0)
WordPress Plugin WP Print Friendly Cross-Site Scripting (0.6)
WordPress Plugin Clockwork SMS Notfications Cross-Site Scripting (2.0.3)