First published: Tue Nov 14 2023(Updated: )
Cross Site Scripting vulnerability in BootBox Bootbox.js v.3.2 through 6.0 allows a remote attacker to execute arbitrary code via a crafted payload to alert(), confirm(), prompt() functions.
|Affected Software||Affected Version||How to fix|
The vulnerability ID for this vulnerability is GHSA-m4ch-4m5f-2gp6.
The severity of this vulnerability is medium.
The software affected by this vulnerability is BootBox Bootbox.js v.3.2 through 6.0.
An attacker can exploit this vulnerability by executing arbitrary code via a crafted payload to the alert(), confirm(), and prompt() functions.
Yes, a fix is available for this vulnerability. It is recommended to update to a version higher than 6.0.0 of Bootbox.js.