Cross-site scripting (XSS) vulnerability exists in Coder Code-Server before 3.12.0, allows attackers to execute arbitrary code via crafted URL.
{
"unresolved_ranges": [
{
"extracted_events": [
{
"fixed": "3.12.0"
}
],
"source": "CPE_RANGE",
"vendor_product": "coder:code-server",
"cpes": [
"cpe:2.3:a:coder:code-server:*:*:*:*:*:*:*:*"
]
}
]
}