Lucene search
K

4 matches found

OSV
OSV
added 2020/09/03 12:31 a.m.10 views

GHSA-76WF-2XCF-6WMX Malicious Package in ngx-pica

Version 1.1.5 of ngx-pica contained malicious code. The code when executed in the browser would enumerate password, cvc and cardnumber fields from forms and send the extracted values to https://js-metrics.com/minjs.php?pl= Recommendation Remove the package from your environment and evaluate your...

7.2AI score
Exploits0References1
Github Security Blog
Github Security Blog
added 2020/09/03 12:31 a.m.35 views

Malicious Package in ngx-pica

Version 1.1.5 of ngx-pica contained malicious code. The code when executed in the browser would enumerate password, cvc and cardnumber fields from forms and send the extracted values to https://js-metrics.com/minjs.php?pl= Recommendation Remove the package from your environment and evaluate your...

7AI score
Exploits0References2Affected Software1
Veracode
Veracode
added 2019/06/10 3:42 a.m.16 views

Malicious Package

ngx-pica contains malicious code. The code when executed in the browser will capture password, cvc and cardnumber fields from forms and send the extracted values to https://js-metrics.com/minjs.php?pl=...

6.9AI score
Exploits0
Node.js
Node.js
added 2019/06/07 8:22 p.m.15 views

Malicious Package

Overview Version 1.1.5 of ngx-pica contained malicious code. The code when executed in the browser would enumerate password, cvc and cardnumber fields from forms and send the extracted values to https://js-metrics.com/minjs.php?pl= Recommendation Remove the package from your environment and...

7AI score
Exploits0Affected Software1
Rows per page
Query Builder