You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
May I know if we have any plan to fix CVE-2023-46998? And may I know the ETA of the new release?
Cross Site Scripting vulnerability in BootBox Bootbox.js v.3.2 through 6.0 allows a remote attacker to execute arbitrary code via a crafted payload to alert(), confirm(), prompt() functions.
Appreciate your feedback.
The text was updated successfully, but these errors were encountered:
No, no plans at the moment. Frankly, I consider it out of scope for Bootbox.
That being said, at some point we'll probably rewrite the core of Bootbox to use only plain JavaScript (to remove our jQuery dependency) but there's no roadmap for that either. That work would probably address most of the issues noted in that advisory.
Dear Bootbox development community,
May I know if we have any plan to fix CVE-2023-46998? And may I know the ETA of the new release?
Cross Site Scripting vulnerability in BootBox Bootbox.js v.3.2 through 6.0 allows a remote attacker to execute arbitrary code via a crafted payload to alert(), confirm(), prompt() functions.
Appreciate your feedback.
The text was updated successfully, but these errors were encountered: