Vulnerability Database

Published: Mar 12, 2021
Updated: May 9, 2024
CVE: <a href="https://nvd.nist.gov/vuln/detail/CVE-2021-28162" target="_blank" rel="noopener"> CVE-2021-28162
GHSA: <a href="https://github.com/advisories/GHSA-c94v-8fff-73ph" target="_blank" rel="noopener"> GHSA-c94v-8fff-73ph
Severity: Medium
Exploit:

300,830

Total vulnerabilities in the database

In Eclipse Theia versions up to and including 0.16.0, in the notification messages there is no HTML escaping, so Javascript code can run.

CVSS v3:

CVSS v2:

CWEs:

Software	From	Fixed in
eclipse / theia	-	0.16.0.x
@theia / messages	-	1.0.0

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.