[MEDIUM] Bootstrap vulnerable to Cross-Site Scripting (XSS)

PKSA-br4g-j817-6t7w CVE-2018-14040 GHSA-3wqf-4x89-9g79

Affected package: twbs/bootstrap

Affected version: >=4.0.0,<4.1.2|>=2.3.0,<3.4.0

Reported by:
GitHub