CVE-2021-34435

In Eclipse Theia 0.3.9 to 1.8.1, the "mini-browser" extension allows a user to preview HTML files in an iframe inside the IDE. But with the way it is made it is possible for a previewed HTML file to trigger an RCE. This exploit only happens if a user previews a malicious file..
References
Configurations

Configuration 1

cpe:2.3:a:eclipse:theia:*:*:*:*:*:*:*:*

Information

Published : 2021-09-01 06:15

Updated : 2022-10-27 12:49


NVD link : CVE-2021-34435

Mitre link : CVE-2021-34435

Products Affected
No products.
CWE