3 matches found
MAL-2025-188679 Malicious code in phoebe-tectonophysics-nestjs-dependencies (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fd888d6bcb75b1377585f5ef0208e469e98c0a51f5b88bce71e7f2fa36034a23 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-124245
Malicious code in npm-dependencies-cypress-protractor npm...
Community Plugin Framework 跨站脚本漏洞
Community Plugin Framework is a plugin framework. A security vulnerability exists in Community Plugin Framework, which stems from an unknown function in the file core/src/main/java/pt/webdetails/cpf/packager/DependenciesPackage.java, where manipulation of the parameter baseUrl can lead to...