{"id":"GSD-2022-1000072","summary":"Backdoor in PyPi xss package version all","details":"In the PyPi xss package there is malicious code that appears to be stealing Discord tokens allowing it to access Discord as that user.","modified":"2023-03-14T07:04:18.327358Z","published":"2022-02-02T18:47:52.318148Z","withdrawn":"2023-03-14T07:04:18.327358Z","references":[{"type":"WEB","url":"https://blog.sonatype.com/malicious-roblox-cookie-and-discord-token-stealers-hit-pypi-repository"},{"type":"WEB","url":"https://pepy.tech/project/xss"}],"schema_version":"1.7.3"}