CVE-2020-27224: Cross-site Scripting (XSS) in Eclipse Theia

Severity: Critical

CVSS Score: 9.7

In Eclipse Theia versions up to and including 1.2.0, the Markdown Preview (@theia/preview), can be exploited to execute arbitrary code.