CVE-2020-27224

CVE-2020-27224

Vendor The Eclipse Foundation
Product Eclipse Theia
Weakness CWE-79 · XSS
Published February 24, 2021
Last update August 4, 2024

CVSS base score

What the vulnerability does

01Description

In Eclipse Theia versions up to and including 1.2.0, the Markdown Preview (@theia/preview), can be exploited to execute arbitrary code.

Key dates

02Disclosure timeline

February 24, 2021 CVE published
August 4, 2024 Record updated