Lucene search
This script is Copyright (C) 2024 and is owned by Tenable, Inc. or an Affiliate thereof.WEB_APPLICATION_SCANNING_114357HistoryJun 28, 2024 - 12:00 a.m.
Polyfill Detected
2024-06-2800:00:00
This script is Copyright (C) 2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
7
javascript compatibility
malicious domain purchase
web application security
cdns
malware injection
7.5 High
AI Score
Confidence
Low
The polyfill.js file is a popular open-source library to ensure old browsers compatibility when evaluating JavaScript code. Starting February 2024, the domain polyfill.io and the related GitHub account have been purchased by a malicious threat actor to inject malwares in all web applications relying on, at least, the cdn.polyfill.io domain. The polyfill.js file cannot be trusted anymore as the malicious code could have been redistributed on other CDNs or locally copied in various plugins.
No source data7.5 High
AI Score
Confidence
Low