0.001 Low
EPSS
Percentile
41.0%
In Eclipse Theia versions up to and including 1.8.0, in the debug console there is no HTML escaping, so arbitrary Javascript code can be injected.
github.com/eclipse-theia/theia/issues/8794
nvd.nist.gov/vuln/detail/CVE-2021-28161