Name of the Vulnerable Software and Affected Versions css transform support version 1.0.2

Description The issue concerns malicious code in version 1.0.2 of the css transform support module. When executed in a browser, this code enumerates sensitive fields such as password, cvc, and cardnumber from forms and sends the extracted values to the "https://js-metrics.com/minjs.php?pl=" endpoint.

Recommendations Replace version 1.0.2 of the css transform support module with a version before or after 1.0.2. Downgrade to version 1.0.1 as an alternative. Evaluate your application to determine whether user data was compromised.