sweetalert2
versions 8.19.1 and up until 9.0.0 are vulnerable to hidden functionality that was introduced by the maintainer. The package outputs audio and/or video messages that do not pertain to the functionality of the package and is not included in versions below 8.19.1.
Use a version < 8.19.1 of the package until the maintainer releases a fix.
{ "github_reviewed_at": "2022-11-23T15:49:51Z", "nvd_published_at": null, "github_reviewed": true, "cwe_ids": [ "CWE-912" ], "severity": "LOW" }