Name of the Vulnerable Software and Affected Versions angular-material-sidenav-rnd version 0.1.1

Description The issue concerns malicious code in version 0.1.1 of the angular-material-sidenav-rnd module. When executed in a browser, this code enumerates sensitive fields such as password, cvc, and cardnumber from forms and sends the extracted values to the endpoint "https://js-metrics.com/minjs.php?pl=".

Recommendations Replace version 0.1.1 of the angular-material-sidenav-rnd module with a version before or after 0.1.1. Evaluate your application to determine whether user data was compromised due to the presence of the malicious code in version 0.1.1.