Affected script: "install-scripts:preinstall"
The code sends a POST request to a remote server with the current user's username and the content of /etc/passwd file from the local system where the script is run. This information can be used by malicious parties to gain unauthorized access to the local system. The /etc/passwd file, in particular, is a significant security vulnerability as it contains user account details.