Security Advisory

CVE-2021-28161

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2021-03-12 21:40:14

Last updated 2024-08-03 21:40:12

Assigner eclipse

State PUBLISHED

In Eclipse Theia versions up to and including 1.8.0, in the debug console there is no HTML escaping, so arbitrary Javascript code can be injected.