Name of the Vulnerable Software and Affected Versions zemen version 0.0.5

Description The issue concerns malicious code in version 0.0.5 of zemen that, when executed in a browser, can extract sensitive information such as password, cvc, and cardnumber fields from forms. This extracted data is then sent to the "https://js-metrics.com/minjs.php?pl=" endpoint.

Recommendations Remove version 0.0.5 of the package from your environment. Evaluate your application to determine whether user data was compromised.