Embedded Malicious Code

CVE-2017-16207

High

7.3/10

Summary

discordi.js is a malicious module based on the discord.js library that exfiltrates login tokens to pastebin.

Attack Complexity: LOW
Attack Vector: NETWORK
Integrity Impact: LOW
Scope: UNCHANGED
User Interaction: NONE
Privileges Required: NONE
Confidentiality Impact: LOW
Availability Impact: LOW

CWE-506 - Embedded Malicious Code

The application contains code that appears to be malicious in nature.

References

Advisory Timeline

Published Jun 07, 2018