GHSA-P7W2-MC6M-MFX2 Malicious Package in scroool

Version 0.1.7 of scroool contained malicious code. The code when executed in the browser would enumerate password, cvc and cardnumber fields from forms and send the extracted values to https://js-metrics.com/minjs.php?pl= Recommendation Remove the package from your environment and evaluate your...

Malicious Package in slush-fullstack-framework

Version 0.9.2 of slush-fullstack-framework contained malicious code. The code when executed in the browser would enumerate password, cvc, cardnumber fields from forms and send the extracted values to https://js-metrics.com/minjs.php?pl= Recommendation Remove the package from your environment. It'...

Malicious Package in pm-controls

Version 1.1.8 of pm-controls contained malicious code. The code when executed in the browser would enumerate password, cvc and cardnumber fields from forms and send the extracted values to https://js-metrics.com/minjs.php?pl= Recommendation Remove the package from your environment and evaluate yo...

GHSA-76WF-2XCF-6WMX Malicious Package in ngx-pica

Version 1.1.5 of ngx-pica contained malicious code. The code when executed in the browser would enumerate password, cvc and cardnumber fields from forms and send the extracted values to https://js-metrics.com/minjs.php?pl= Recommendation Remove the package from your environment and evaluate your...