In versions 4.18 and previous versions of the Eclipse Platform, the Help Subsystem does not authenticate active help requests to the local help web server, allowing an unauthenticated local malicious user to issue active help commands to the associated Eclipse Platform process or Eclipse Rich Client Platform process.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
eclipse platform |