Advisories for Npm/Bootstrap-3-Typeahead package

Bootstrap-3-Typeahead is vulnerable to a cross-site scripting flaw in the highlighter() function. An attacker could exploit this via user interaction to execute code in the user's browser.