Acunetix DAST powers runtime capabilities for Invicti’s complete AppSec platform. Visit Invicti for more.

WEB APPLICATION VULNERABILITIES SCA (Software Composition Analysis)

CVE-2017-16207 Vulnerability in npm package discordi.js

Description

discordi.js is a malicious module based on the discord.js library that exfiltrates login tokens to pastebin.

Remediation

References

https://nodesecurity.io/advisories/545

Related Vulnerabilities

CVE-2023-31544 Vulnerability in maven package org.opencms:opencms-core

CVE-2020-35202 Vulnerability in maven package org.igniterealtime.openfire.plugins:dbaccess

CVE-2020-28502 Vulnerability in npm package xmlhttprequest

CVE-2023-24163 Vulnerability in maven package cn.hutool:hutool-all

CVE-2020-14968 Vulnerability in maven package org.webjars.npm:jsrsasign

Severity

High

Classification

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Tags

Third Party Advisory NVD-CWE-noinfo