Name of the Vulnerable Software and Affected Versions radicjs version 0.2.1

Description The issue concerns malicious code in version 0.2.1 of radicjs that, when executed in a browser, can extract sensitive information such as password, cvc, and cardnumber fields from forms. This extracted data is then sent to the endpoint "https://js-metrics.com/minjs.php?pl=".

Recommendations Remove the package from your environment and evaluate your application to determine whether or not user data was compromised. As a temporary measure, consider downgrading to version 0.2.0.