Malicious code in transcript-viewer-ui-demo (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d52899913925c544bb906fcc1d752431c86c54c3465310a8eee4318ba29164e0 The package transcript-viewer-ui-demo was found to contain malicious code...

MAL-2025-1266 Malicious code in vue-search-ui-demo (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 5eba39e62ce67a90fdd330c95bec218d75c2ddbb0e16d24625081c96a115a046 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in vue-search-ui-demo (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 5eba39e62ce67a90fdd330c95bec218d75c2ddbb0e16d24625081c96a115a046 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Algolia: Stored XSS on https://www.algolia.com/realtime-search-demo/*

Description When you generate a UI demo, the values of the Attributes are not escaped when printed in the page of the demo. There is a protection by CloudFlare, but because the values of the Attributes are printed in Javascript code, I found a way to abuse this to execute Javascript code. Seems...