Description
Cross Site Scripting vulnerability in BootBox Bootbox.js v.3.2 through 6.0 allows a remote attacker to execute arbitrary code via a crafted payload to alert(), confirm(), prompt() functions.
Remediation
References
https://github.com/bootboxjs/bootbox/issues/661
https://github.com/soy-oreocato/CVE-2023-46998/
Related Vulnerabilities
CVE-2022-43435 Vulnerability in maven package org.jenkins-ci.plugins.plugin:fireline
CVE-2018-25031 Vulnerability in maven package org.webjars.npm:swagger-ui
CVE-2017-5651 Vulnerability in maven package org.apache.tomcat.embed:tomcat-embed-core
CVE-2023-38695 Vulnerability in npm package @simonsmith/cypress-image-snapshot
CVE-2023-26031 Vulnerability in maven package org.apache.hadoop:hadoop-yarn-project