npm package
@theia/messages
pkg:npm/%40theia/messages
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2021-28162 | — | < 1.0.0 | 1.0.0 | Mar 12, 2021 | In Eclipse Theia versions up to and including 0.16.0, in the notification messages there is no HTML escaping, so Javascript code can run. |
- CVE-2021-28162Mar 12, 2021affected < 1.0.0fixed 1.0.0
In Eclipse Theia versions up to and including 0.16.0, in the notification messages there is no HTML escaping, so Javascript code can run.