This repository has been archived by the owner on Sep 13, 2024. It is now read-only.
WS-2019-0098 (Medium) detected in bootbox-5.5.2.tgz #15172
Labels
security vulnerability
Security vulnerability detected by WhiteSource
WS-2019-0098 - Medium Severity Vulnerability
Vulnerable Library - bootbox-5.5.2.tgz
Wrappers for JavaScript alert(), confirm(), prompt(), and other flexible dialogs using the Bootstrap framework
Library home page: https://registry.npmjs.org/bootbox/-/bootbox-5.5.2.tgz
Path to dependency file: YetiForceCRM/package.json
Path to vulnerable library: /node_modules/bootbox/package.json
Dependency Hierarchy:
Found in HEAD commit: ffa7a2b6aad963a2dd040af263053425cb7dced7
Vulnerability Details
All version of bootbox are vulnerable to Cross-Site Scripting, by not sanitizing user input in the provided dialog boxes
Publish Date: 2019-05-23
URL: WS-2019-0098
CVSS 3 Score Details (6.5)
Base Score Metrics:
Step up your Open Source Security Game with WhiteSource here
The text was updated successfully, but these errors were encountered: