CVE-2021-28161
CVE-2021-28161
In Eclipse Theia versions up to and including 1.8.0, in the debug console there is no HTML escaping, so arbitrary Javascript code can be injected.
Affected products
The Eclipse Foundation · Eclipse TheiaWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →