Bootstrap has released versions 4.3.1 and 3.4.1 to patch an XSS vulnerability (CVE-2019-8331) that was reported to the Bootstrap Drupal project by a developer and then responsibly disclosed to the Bootstrap development team. The vulnerability specifically affects usage of the tooltip and popover features: Earlier this week a developer reported (more…)