Malicious code in phixius-nacha-csp-service-api (npm)

The package phixius-nacha-csp-service-api was found to contain malicious code...

The vulnerability of the Firefox ESR browser allows a hacker to execute arbitrary code on the client side.

The vulnerability of the CSPService::ShouldLoad function in Firefox ESR browsers is related to the use of memory after it is freed. Exploiting this vulnerability allows a malicious actor to execute arbitrary code on the client side by manipulating the DOM objects...