Eclipse · Eclipse Theia · CVE-2020-27224
Name of the Vulnerable Software and Affected Versions:
Eclipse Theia versions up to and including 1.2.0
Description:
The issue allows for the execution of arbitrary code through the Markdown Preview (@theia/preview) in Eclipse Theia.
Recommendations:
For Eclipse Theia versions up to and including 1.2.0, consider disabling the Markdown Preview (@theia/preview) until a patch is available.