All versions of
bootstrap-vue are vulnerable to Cross-Site Scripting. Due to insufficient input sanitization, components may be vulnerable to Cross-Site Scripting through the
No fix is currently available. Consider using an alternative module until a fix is made available.
- (GitHub Issue)[https://github.com/bootstrap-vue/bootstrap-vue/issues/1974]