Severity by source
AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N
Network-reachable, low-complexity stored XSS needing only a self-service publisher account (PR:L) and victim interaction (UI:R); executes in the trusted origin so S:C with high C/I, no availability impact.
Primary rating from Vendor (eclipse).
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N
Lifecycle Timeline
10DescriptionNVD
In Open VSX Registry before 1.0.2, the /vscode/unpkg/ endpoint serves user-supplied HTML files with Content-Type: text/html and without a Content-Security-Policy or Content-Disposition: attachment response header. An unauthenticated attacker can register a publisher account, upload a VSIX containing a crafted HTML payload, and induce an authenticated user to visit the resulting URL. The browser renders the file inline in the open-vsx.org origin context, enabling session token exfiltration, persistent Personal Access Token (PAT) generation, and unauthorized publication of malicious extension versions. Because Open VSX extensions are distributed to VS Code, VSCodium, Cursor, Windsurf, and compatible editors, a compromised extension update constitutes a supply chain attack against all downstream users.
AnalysisAI
Stored cross-site scripting in Eclipse Open VSX Registry (versions 0.1.0 through before 1.0.2) allows an attacker who self-registers a publisher account to upload a VSIX containing malicious HTML that the /vscode/unpkg/ endpoint serves inline as text/html within the open-vsx.org origin, with no Content-Security-Policy or Content-Disposition: attachment header. When a logged-in victim is lured to the resulting URL, the script runs in the registry's origin and can steal session tokens, mint Personal Access Tokens, and publish trojanized extension versions - turning a single XSS into a supply-chain compromise of VS Code, VSCodium, Cursor, and Windsurf users. …
Unlock full vulnerability intelligence
- Risk assessment & exploitation conditions
- Attack chain visualization
- Remediation with exact patch versions
- Threat intelligence from 22 sources
- Personal watchlist & email alerts
Free forever · No credit card required
Attack ChainAIDerived
Hypothetical attack flow derived from CVE metadata
Vulnerability AssessmentAI
| Exploitation | Exploitation requires the attacker to hold a publisher account (self-registerable without prior authorization) and to upload a VSIX whose payload is an HTML file served through the /vscode/unpkg/ asset endpoint, which returns Content-Type: text/html inline with no CSP and no Content-Disposition: attachment. … Additional conditions and limiting factors are described in the full assessment. |
| Risk Assessment | The signals are mixed and point to high potential impact but low current urgency. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in. |
| Exploit Scenario | An attacker registers a free publisher account on open-vsx.org, publishes an innocuous-looking extension whose VSIX bundles a crafted HTML file, then shares the /vscode/unpkg/ URL for that file with a targeted maintainer (e.g. via a bug report or forum post). … |
| Remediation | Vendor-released patch: upgrade Eclipse Open VSX to 1.0.2 or later, which is the fixed version per the EUVD range and the upstream fix in https://github.com/eclipse-openvsx/openvsx/pull/1922 (self-hosted operators should redeploy from the 1.0.2 release). … Detailed patch versions, workarounds, and compensating controls in full report. |
Recommended ActionAI
Within 24 hours: Audit your organization's use of VS Code, VSCodium, Cursor, and Windsurf, and verify which systems pull extensions from open-vsx.org. …
Sign in for detailed remediation steps and compensating controls.
Threat intelligence, references, and detailed analysis are available after sign-in.
More in Eclipse Open Vsx
View allSame weakness CWE-79 – Cross-site Scripting (XSS)
View allVendor StatusVendor
Share
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-40945
GHSA-f3mc-x4vf-jrw2