GHSA-7PRJ-9CCR-HR3Q Sylius has potential Cross Site Scripting vulnerability via the "Province" field in the Checkout and Address Book

Impact There is a possibility to save XSS code in province field in the Checkout and Address Book and then execute it on these pages. The problem occurs when you open the address step page in the checkout or edit the address in the address book. This only affects the base UI Shop provided by...

MAL-2022-6757 Malicious code in ui-shop (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e1502a52ae156bfc3c6970836d113ad8acd802d037fd01ab787c85d5de0acce0 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in ui-shop (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e1502a52ae156bfc3c6970836d113ad8acd802d037fd01ab787c85d5de0acce0 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious Package

Overview ui-shop is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if this package was...