[MEDIUM] Bolt Cross-site Scripting (XSS) via an image's alt or title field

PKSA-dd4d-zp1r-7fr7 CVE-2019-15484 GHSA-fp8m-xw3f-6h7x

Affected package: bolt/bolt

Affected version: <3.6.10

Reported by:
GitHub