Name of the Vulnerable Software and Affected Versions bootbox versions (affected versions not specified)

Description The issue concerns a lack of input sanitization in dialog boxes provided by the package, allowing attackers to inject HTML code and execute arbitrary JavaScript, thus facilitating Cross-Site Scripting attacks.

Recommendations For all affected versions, sanitize user input being passed to bootbox or consider using an alternative package.