Description

discordi.js is a malicious module based on the discord.js library that exfiltrates login tokens to pastebin.

Remediation

References

https://nodesecurity.io/advisories/545

Related Vulnerabilities

CVE-2020-7746 Vulnerability in maven package org.webjars.bowergithub.chartjs:chart.js

CVE-2015-8857 Vulnerability in npm package uglify-js

CVE-2023-22477 Vulnerability in npm package mercurius

CVE-2023-31716 Vulnerability in npm package @frangoteam/fuxa

CVE-2023-26143 Vulnerability in npm package blamer

Severity

High

Classification

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Tags

Third Party Advisory NVD-CWE-noinfo