According to [this advisory](https://www.npmjs.com/advisories/891), when using bootstrap 4.x, anything prior to 4.3.1 is vulnerable to XSS. Shards currently uses 4.1.3.
According to this advisory, when using bootstrap 4.x, anything prior to 4.3.1 is vulnerable to XSS. Shards currently uses 4.1.3.