
CVSS: 6.1 • EPSS: 0% • CPEs: 1 • EXPL: 1

In versions of the @theia/plugin-ext component of Eclipse Theia prior to 1.18.0, Webview contents can be hijacked via postMessage(). • https://bugs.eclipse.org/bugs/show_bug.cgi?id=575924 https://github.com/eclipse-theia/theia/pull/10125 • CWE-940: Improper Verification of Source of a Communication Channel

CVSS: 9.8 • EPSS: 0% • CPEs: 1 • EXPL: 0

In Eclipse Theia 0.1.1 to 0.2.0, it is possible to exploit the default build to obtain remote code execution (and XXE) via the theia-xml-extension. This extension uses lsp4xml (recently renamed to LemMinX) in order to provide language support for XML. This is installed by default. • https://bugs.eclipse.org/bugs/show_bug.cgi?id=563174 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal'); CWE-611: Improper Restriction of XML External Entity Reference

CVSS: 6.1 • EPSS: 0% • CPEs: 1 • EXPL: 1

In Eclipse Theia versions up to and including 0.16.0, in the notification messages there is no HTML escaping, so JavaScript code can run. • https://github.com/eclipse-theia/theia/issues/7283 • CWE-829: Inclusion of Functionality from Untrusted Control Sphere; CWE-830: Inclusion of Web Functionality from an Untrusted Source

CVSS: 6.1 • EPSS: 0% • CPEs: 1 • EXPL: 1

In Eclipse Theia versions up to and including 1.8.0, in the debug console there is no HTML escaping, so arbitrary JavaScript code can be injected. • https://github.com/eclipse-theia/theia/issues/8794 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVSS: 9.6 • EPSS: 0% • CPEs: 1 • EXPL: 2

In Eclipse Theia versions up to and including 1.2.0, the Markdown Preview (@theia/preview) can be exploited to execute arbitrary code. • https://github.com/eclipse-theia/theia/issues/7954 https://omespino.com/write-up-google-bug-bounty-xss-to-cloud-shell-instance-takeover-rce-as-root-5000-usd • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')