Malicious Package in oauth-validator

2020-09-01T20:29:59
ID GHSA-CXCF-78MR-WPG7
Type github
Reporter GitHub Advisory Database
Modified 2020-09-01T20:29:59

Description

Version 1.0.2 of oauth-validator contained malicious code. When executed in the browser, the code would enumerate password, cvc, and cardnumber fields from forms and send the extracted values to https://js-metrics.com/minjs.php?pl=

Recommendation

If version 1.0.2 of this module is found installed, replace it with a version before or after 1.0.2. In addition to replacing the installed module, evaluate your application to determine whether user data was compromised.
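
One way to check whether version 1.0.2 is locked anywhere in a project, including as a transitive dependency, is to scan the parsed package-lock.json. This is an added example, not part of the advisory; the function name findAffected, the package name some-app-lib and both sample lockfiles are constructed for illustration.

```javascript
// Added example: find oauth-validator 1.0.2 in a parsed package-lock.json.
// Name and version come from the advisory; everything else is hypothetical.
const AFFECTED = { name: "oauth-validator", version: "1.0.2" };

// Returns the sorted install paths at which the affected version is locked.
function findAffected(lock, target = AFFECTED) {
  const hits = new Set();

  // lockfileVersion 2/3: flat "packages" map keyed by install path.
  for (const [path, entry] of Object.entries(lock.packages || {})) {
    if (path === "") continue; // root project entry, not a dependency
    const name = entry.name || path.split("node_modules/").pop();
    if (name === target.name && entry.version === target.version) hits.add(path);
  }

  // lockfileVersion 1/2: nested "dependencies" tree.
  const walk = (deps, prefix) => {
    for (const [name, entry] of Object.entries(deps || {})) {
      const path = `${prefix}node_modules/${name}`;
      if (name === target.name && entry.version === target.version) hits.add(path);
      walk(entry.dependencies, `${path}/`); // nested (non-hoisted) copies
    }
  };
  walk(lock.dependencies, "");

  return [...hits].sort();
}

// Constructed sample, v1 layout: top-level copy is 1.0.1, nested copy is 1.0.2.
const SAMPLE_V1 = {
  lockfileVersion: 1,
  dependencies: {
    "oauth-validator": { version: "1.0.1" },
    "some-app-lib": {
      version: "2.3.0",
      dependencies: { "oauth-validator": { version: "1.0.2" } },
    },
  },
};

// Constructed sample, v3 layout: direct dependency locked at 1.0.2.
const SAMPLE_V3 = {
  lockfileVersion: 3,
  packages: {
    "": { name: "demo-app", version: "0.0.0" },
    "node_modules/oauth-validator": { version: "1.0.2" },
  },
};

console.log(findAffected(SAMPLE_V1), findAffected(SAMPLE_V3));
```

For a real project, pass the result of JSON.parse on the contents of package-lock.json; an empty array means the affected version is not locked.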