CVE-2018-6333
The CVE-2018-6333 issue affects Nuclide’s hhvm-attach deep link handler, where the hostname parameter was not properly sanitized when rendering, allowing a malicious URL to render HTML inside the editor and potentially chain to code execution. Affected releases are Nuclide prior to v0.290.0. Miti...