CVSS: 9.6EPSS: 0%CPEs: 1EXPL: 2CVE-2020-27224
https://notcve.org/view.php?id=CVE-2020-27224
In Eclipse Theia versions up to and including 1.2.0, the Markdown Preview (@theia/preview), can be exploited to execute arbitrary code. Eclipse Theia versiones hasta 1.2.0 incluyendo, la Markdown Preview (@theia/preview), puede ser explotado para ejecutar código arbitrario • https://github.com/eclipse-theia/theia/issues/7954 https://omespino.com/write-up-google-bug-bounty-xss-to-cloud-shell-instance-takeover-rce-as-root-5000-usd • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 8.1EPSS: 0%CPEs: 1EXPL: 1CVE-2019-17636
https://notcve.org/view.php?id=CVE-2019-17636
In Eclipse Theia versions 0.3.9 through 0.15.0, one of the default pre-packaged Theia extensions is "Mini-Browser", published as "@theia/mini-browser" on npmjs.com. This extension, for its own needs, exposes a HTTP endpoint that allows to read the content of files on the host's filesystem, given their path, without restrictions on the requester's origin. This design is vulnerable to being exploited remotely through a DNS rebinding attack or a drive-by download of a carefully crafted exploit. En Eclipse Theia versiones 0.3.9 hasta la versión 0.15.0, una de las extensiones de Theia pre-empaquetadas predeterminadas es "Mini-Browser", publicada como "@theia/mini-browser" en npmjs.com. Esta extensión, para sus propias necesidades, expone un endpoint HTTP que permite leer el contenido de los archivos en el sistema de archivos del host, entregar su ruta, sin restricciones en el origen del solicitante. • https://bugs.eclipse.org/bugs/show_bug.cgi?id=551747 • CWE-345: Insufficient Verification of Data Authenticity •