Disclosure Date 2023/06/04
CVE-2023-32766
Cross-site Scripting in Gipod
GitpodにおけるXSS (クロスサイトスクリプティング)
Description
Gitpod before 2022.11.3 allows XSS because redirection can occur for some protocols outside of the trusted set of three (vscode: vscode-insiders: jetbrains-gateway:).