CVE-2021-28162

6.1MEDIUM

In Eclipse Theia versions up to and including 0.16.0, in the notification messages there is no HTML escaping, so Javascript code can run.

Publicado: 3/12/2021Actualizado: 11/21/2024
Ver en NVDVer en MITRE

Descripción

In Eclipse Theia versions up to and including 0.16.0, in the notification messages there is no HTML escaping, so Javascript code can run.

Análisis IAImpulsado por IA

Productos Afectados

eclipsetheia

Referencias