AIKIDO-2024-10141
albertcht/invisible-recaptcha is vulnerable to Malicious Code
100
Critical
albertcht/invisible-recaptcha php
AIKIDO-2024-10141: albertcht/invisible-recaptcha is vulnerable to Malicious Code in all versions.
Malicious Code
Vuln in 0.0.0 - *
CVE-2024-38526
TL;DR
albertcht/invisible-recaptcha uses polyfill[.]io, which was taken over and serves malicious code.
Who does this affect?
You're affected if you use albertcht/invisible-recaptcha.
How can it be fixed?
Remove this package from your application.
Don’t be left in the dark
With in-house intel and access to top vulnerability databases, see it all with Aikido.
© 2024 Aikido Security BV | BE0792914919
🇪🇺 Grauwpoort 1, 9000 Ghent, Belgium
🇺🇸 95 Third St, 2nd Fl, San Francisco, CA 94103, US