247 matches found
Cross-site Scripting (XSS)
Overview mantisbt/mantisbt is a mantis bug tracker. Affected versions of this package are vulnerable to Cross-site Scripting XSS via the Tag Delete Confirmation. An attacker can execute arbitrary JavaScript in the application's context by injecting malicious HTML into the tag name, which is then...
Malicious code in config-regulus-auth-ophiuchus (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 602504708c1fa23065534bfce58fb93eb8c0713426b28a6b5331ac55f1425922 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-187075 Malicious code in futurology-fermiparadox-parsec-publish (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7932b00db63a52a64e991976f6b489776b42c5b992ba035510f6778c3fcd33c5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in sigma-byte-minify-cache-float (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9c6e70796053d1fa92a07825c71ff13fe758e72888f995c1ae5045570a6d76ca This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-190334 Malicious code in winston-kinetic-zenith-corvus (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 33aea94bfb56e0007d05b76e2fd4429326a2eba7c08d4c4190df4b030c654c44 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in neptune-betelgeuse-halley-chromedriver (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f0d3a2b6835a2e2cd78eb315d5e4b82e68d0bcb3840274c62bda761b9496ffe3 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-186990 Malicious code in firebase-helios-bionics-virtualreality (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c1022ecdd26947cec0f0053fa453beff0e4313b5d2fef4cee8a9101980dac690 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in avangs-olium-nit (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ac6fefa9955600e941537932e80a519b59980014f675284e452ebddeb64496bc This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-184249 Malicious code in modiov-khan-afibanavihid (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b47c125cdf6f561eefb04c00aea99d11481d50a8bc01aa3a82630a71c87bb473 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in lomi-fuis-fakiugabas (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 32a03b7c4a0e8cd795d944a02e7df3508bc3ee0608fc7a92d8665d25a6f930e6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-184237 Malicious code in modasv-kuu-boffu (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a0004da799b7a0238a911f9dc5f688e974fffc6b01f9ba7764f34b00c3c10df0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in imodiov-koifi-cuidcg (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8d687eed4ffb353a798f717155ce5df7a920ae1166cae2af20ef04caf998d8ff This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in imuay-agg-iguqakuraduidb (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 20a7d13ce843aa7f030274cef8c837093afb41ba64c298cc675d96117b403183 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-185279 Malicious code in tunis-kjt-gabis (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 60c6cb75357bef04a2c7734f8921808f0694146cf9095186962d6566e5228b1c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in lookingan-jeje17 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b651ef20912356369d91b7529697786ce2f7006fbc9ed4fbb7c72cf8abd34294 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in lookingan-jaja8 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a1b94bce2e9b69fcccbfd0edd4f204a30a868fe9b65b0793edcfd15f35e0e9c0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-173884 Malicious code in diva-banbo-imungai (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4aad6680c5ff946f7ce7750ae1984e85c14f4aabc38f22d21d5213617c818652 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in joee-baut-imu (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ea9f4f8963ebac1c9f2c7435452c12465bd8ad664291188a21f644d224a26478 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-175646 Malicious code in ksai-kilota-ailolioia (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e9cbc304e981a59373691760ef6ce0177793c89475b5e47b8be86f183c4b9ddb This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-174720 Malicious code in hitachi-poke78 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c0d9b8e346e0823cde1d4e03135ff174256db54b721bd5cc922ff5373924872d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...