sweetalert2 versions 8.19.1 and up until 9.0.0 are vulnerable to hidden functionality that was introduced by the maintainer. The package outputs audio and/or video messages that do not pertain to the functionality of the package and is not included in versions below 8.19.1.

Workaround

Use a version < 8.19.1 of the package until the maintainer releases a fix.

References

• https://github.com/sweetalert2/sweetalert2/releases/tag/v11.4.9
• https://www.npmjs.com/package/sweetalert2