Description
Cross Site Scripting vulnerability in BootBox Bootbox.js v.3.2 through 6.0 allows a remote attacker to execute arbitrary code via a crafted payload to alert(), confirm(), prompt() functions.
Remediation
References
https://github.com/bootboxjs/bootbox/issues/661
https://github.com/soy-oreocato/CVE-2023-46998/
Related Vulnerabilities
CVE-2023-5072 Vulnerability in maven package org.json:json
CVE-2023-26115 Vulnerability in npm package word-wrap
CVE-2014-3579 Vulnerability in maven package org.apache.activemq:apollo-selector
CVE-2023-45135 Vulnerability in maven package org.xwiki.platform:xwiki-platform-web-templates
CVE-2023-39685 Vulnerability in maven package org.hjson:hjson