VYPR

npm package

@theia/messages

pkg:npm/%40theia/messages

Vulnerabilities (1)

  • CVE-2021-28162Mar 12, 2021
    affected < 1.0.0fixed 1.0.0

    In Eclipse Theia versions up to and including 0.16.0, in the notification messages there is no HTML escaping, so Javascript code can run.