CVE-2019-8331 Bootstrap < 3.4.1 || < 4.3.1 ✔️ CSP strict-dynamic bypass ➖ Requires user interaction ➖ Requires $('[data-toggle="tooltip"]').tooltip();