CVE-2019-18212

XML Language Service (lsp4xml) in Red Hat XML Language Support (vscode-xml) versions before 0.9.1 is affected by a directory traversal vulnerability that allows a remote attacker to write to arbitrary files via XMLLanguageService.java. The issue is present in the XML Language Server implementatio...