CVE-2021-28162
CVE-2021-28162
In Eclipse Theia versions up to and including 0.16.0, in the notification messages there is no HTML escaping, so Javascript code can run.
Productos afectados
The Eclipse Foundation · Eclipse Theia¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →