CVE-2021-28162
6.1MEDIUMIn Eclipse Theia versions up to and including 0.16.0, in the notification messages there is no HTML escaping, so Javascript code can run.
게시됨: 3/12/2021업데이트됨: 11/21/2024
설명
In Eclipse Theia versions up to and including 0.16.0, in the notification messages there is no HTML escaping, so Javascript code can run.
AI 분석AI 기반
영향받는 제품
eclipsetheia
참조
- https://github.com/eclipse-theia/theia/issues/7283ExploitIssue TrackingThird Party Advisory
- https://github.com/eclipse-theia/theia/issues/7283ExploitIssue TrackingThird Party Advisory