Interactive RCE exploit demo for Eclipse CHE
CSWSH-THEIA-CVE-2020-14368 Report target: Eclipse CHE deployment available on cheopenshiftio Vulnerability type: Cross-site websocket hijack Discovery date: 2020-04-08 Author: Robin Duda (codingchili@github) Summary The /services websocket endpoint in Eclipse CHE adn Theia is vulnerable to cross-site websocket hijacking This vulnerability affects Eclipse CHE servers that u