3 matches found
@carlsonp/kort (>=0.9.1 <=1.0.1), @concretecms/bedrock (=0.9.3) +26 more potentially affected by CVE-2023-46998 via bootbox (>=4.4.0 <=6.0.0)
bootbox NPM version =4.4.0, =0.9.1, =1.0.9, =2.0.3, =0.2.2, =0.0.6, =1.0.0, =1.0.0, =0.0.2, =0.0.1, =0.0.3, =1.0.0, =1.1.1 - botkit-socket-client =0.0.1 and more Source cves: CVE-2023-46998 Source advisory: OSV:GHSA-M4CH-4M5F-2GP6...
CVE-2023-46998
CVE-2023-46998 describes a Cross Site Scripting vulnerability in Bootbox.js versions 3.2 through 6.0. The issue allows a remote attacker to execute arbitrary code by sending a crafted payload to alert(), confirm(), or prompt() functions. The connected documents confirm the affected product and vu...
CVE-2023-46998
Cross Site Scripting vulnerability in BootBox Bootbox.js v.3.2 through 6.0 allows a remote attacker to execute arbitrary code via a crafted payload to alert, confirm, prompt functions...