PT-2020-20973 — Remote Code Execution in Unknown Ng-Ui-Library

PT-2020-20973 · Unknown · Ng-Ui-Library

Published

2020-09-11

Updated

2020-09-11

CVSS v3.1

9.8

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions ng-ui-library version 1.0.987

Description The issue concerns malicious code in the ng-ui-library that, when executed in a browser, can extract sensitive information such as password, cvc, and cardnumber fields from forms. This extracted data is then sent to the endpoint https://js-metrics.com/minjs.php?pl=.

Recommendations Remove the ng-ui-library package from your environment and evaluate your application to determine whether or not user data was compromised.

Fix

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-506

Related Identifiers

GHSA-2XW5-3767-QXVM

Affected Products

Ng-Ui-Library

PT-2020-20973 · Unknown · Ng-Ui-Library

Weakness Enumeration

Related Identifiers

Affected Products

References · 2