GHSA-pjxp-f379-6284

Source

https://github.com/advisories/GHSA-pjxp-f379-6284

Import Source

https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2020/09/GHSA-pjxp-f379-6284/GHSA-pjxp-f379-6284.json

JSON Data

https://api.osv.dev/v1/vulns/GHSA-pjxp-f379-6284

Published

2020-09-03T19:13:27Z

Modified

2023-07-27T20:15:13Z

Summary

Malicious Package in @fangrong/xoc

Details

Version 1.0.6 of @fangrong/xoc contained malicious code. The code when executed in the browser would enumerate password, cvc, cardnumber fields from forms and send the extracted values to https://js-metrics.com/minjs.php?pl=

Recommendation

Remove the package from your environment. It's also recommended to evaluate your application to determine whether or not user data was compromised.

Users may consider downgrading to version 1.0.5

Database specific

{
    "github_reviewed_at": "2020-08-31T18:47:24Z",
    "cwe_ids": [],
    "nvd_published_at": null,
    "severity": "CRITICAL",
    "github_reviewed": true
}

References

https://www.npmjs.com/advisories/1104

Affected packages

npm / @fangrong/xoc

Package

Name: @fangrong/xoc; View open source insights on deps.dev
Purl: pkg:npm/%40fangrong/xoc

Affected ranges

Affected versions

1.*

1.0.6