Malicious code in tvi-cli (npm)

The package was compromised and malicious code added. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f78946397af9b739b00884d97f406ea16405f5558af770d05400083fd26e7061 Any computer that has this package installed or running should be considered fully compromised. All...

MAL-2025-47357 Malicious code in tvi-cli (npm)

The package was compromised and malicious code added. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f78946397af9b739b00884d97f406ea16405f5558af770d05400083fd26e7061 Any computer that has this package installed or running should be considered fully compromised. All...

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code. Compromised versions of this package contain a file called bundle.js that exfiltrates secrets from the user's accounts, including credentials and API tokens. It also downloads malicious files and repackages them...

Cross site scripting

Cross-site scripting XSS vulnerability in the Taxonomy Views Integrator TVI module 6.x-1.x before 6.x-1.3 for Drupal allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors, related to "views pages."...

CVE-2012-1653

The CVE-2012-1653 issue affects the Taxonomy Views Integrator (TVI) module for Drupal 6.x-1.x before 6.x-1.3. The vulnerability arises from insufficient filtering of user-supplied text on views pages, enabling XSS by authenticated users. Impact is limited to partial integrity of data and arbitrar...