Description

discordi.js is a malicious module based on the discord.js library that exfiltrates login tokens to pastebin.

Remediation

References

https://nodesecurity.io/advisories/545

Related Vulnerabilities

CVE-2021-4040 Vulnerability in maven package org.apache.activemq:artemis-commons

CVE-2023-43495 Vulnerability in maven package org.jenkins-ci.main:jenkins-core

CVE-2022-36884 Vulnerability in maven package org.jenkins-ci.plugins:git

CVE-2020-7740 Vulnerability in npm package node-pdf-generator

CVE-2012-5817 Vulnerability in maven package org.codehaus.xfire:xfire-core

Severity

High

Classification

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Tags

Third Party Advisory NVD-CWE-noinfo