Cross Site Scripting vulnerability in BootBox Bootbox.js v.3.2 through 6.0 allows a remote attacker to execute arbitrary code via a crafted payload to alert(), confirm(), prompt() functions. References: https://security-tracker.debian.org/tracker/CVE-2023-46998 https://www.cve.org/CVERecord?id=CVE-2023-46998 https://github.com/bootboxjs/bootbox/issues/661 https://github.com/soy-oreocato/CVE-2023-46998/
Created domoticz tracking bugs for this issue: Affects: fedora-all [bug 2248973]