affix - XSS on target config

[don-spyker]

found in bootstrap 3.3.7

$('.js-affixed-element-top').affix({ offset: { top: $('.js-page-header').outerHeight(true) - 10 , bottom: $('.js-footer').outerHeight(true) + 10 }, target: '<img src=x onerror=alert(0)>' })

https://jsbin.com/palokaxina/edit?html,output

Win 7 x64
Chrome 67.0.3396.99
Firefox 61.0.1 (64-Bit)