CVE-2021-42648
Coder Code-Server is affected by a Cross-Site Scripting (XSS) vulnerability in versions before 3.12.0, exploitable via crafted URLs. Affected component: code-server frontend handling error messages; root cause: insufficient escaping of user-supplied input in error handling. Impact: arbitrary code...