ID GHSA-78P3-96HC-3J47 Type github Reporter GitHub Advisory Database Modified 2020-09-03T19:11:17
Description
Version 0.2.5 of jquery-airload contained malicious code. When executed in the browser, the code would enumerate the password, cvc, and cardnumber fields in forms and send the extracted values to https://js-metrics.com/minjs.php?pl=
Recommendation
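Remove the package from your environment. It is also recommended that you evaluate your application to determine whether user data was compromised. Because the code ran in visitors' browsers, any password or card data entered into forms on pages that loaded version 0.2.5 should be treated as potentially exposed.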
{"id": "GHSA-78P3-96HC-3J47", "vendorId": null, "type": "github", "bulletinFamily": "software", "title": "Malicious Package in jquery-airload", "description": "Version 0.2.5 of `jquery-airload` contained malicious code. The code when executed in the browser would enumerate password, cvc, cardnumber fields from forms and send the extracted values to `https://js-metrics.com/minjs.php?pl=`\n\n\n\n## Recommendation\n\nRemove the package from your environment. It's also recommended to evaluate your application to determine whether or not user data was compromised.", "published": "2020-09-03T19:11:17", "modified": "2020-09-03T19:11:17", "cvss": {"score": 0.0, "vector": "NONE"}, "cvss2": {}, "cvss3": {}, "href": "https://github.com/advisories/GHSA-78p3-96hc-3j47", "reporter": "GitHub Advisory Database", "references": ["https://www.npmjs.com/advisories/1102", "https://github.com/advisories/GHSA-78p3-96hc-3j47"], "cvelist": [], "immutableFields": [], "lastseen": "2022-04-30T13:47:17", "viewCount": 3, "enchantments": {"dependencies": {"references": [{"type": "nodejs", "idList": ["NODEJS:1102"]}, {"type": "osv", "idList": ["OSV:GHSA-78P3-96HC-3J47"]}], "rev": 4}, "score": {"value": 2.9, "vector": "NONE"}, "backreferences": {"references": [{"type": "kitploit", "idList": ["KITPLOIT:116690769744039319"]}, {"type": "threatpost", "idList": ["THREATPOST:99DC4B497599503D640FDFD9A2DC5FA3"]}]}, "exploitation": null, "vulnersScore": 2.9}, "_state": {"dependencies": 0}, "_internal": {}, "affectedSoftware": [{"version": "0.2.5", "operator": "eq", "ecosystem": "NPM", "name": "jquery-airload"}]}