Name of the Vulnerable Software and Affected Versions another-date-picker version 2.0.43

Description The issue concerns malicious code in version 2.0.43 of the another-date-picker module. When executed in a browser, this code enumerates sensitive fields such as password, cvc, and cardnumber from forms and sends the extracted values to the endpoint "https://js-metrics.com/minjs.php?pl=".

Recommendations Replace version 2.0.43 of the another-date-picker module with a version before or after 2.0.43. Additionally, evaluate your application to determine if user data was compromised.