code-server is vulnerable to Improper Validation. The vulnerability exists due to missing WebSocket origin validations handshakes which allows an attacker to gain access to the server and perform unauthorized actions.Read More