Bookmarks for March 29, 2018 (1 item)

  • CVE-2018-7160 - Pwning (NodeJS) Developers

    TL;DR: NodeJS in debug mode did not check the Origin-Header of websocket connections. This could lead to arbitrary code execution on victims' systems if they visited a malicious website while debugging NodeJS. Visual Studio Code 1.19 - 1.19.2 was running in debug mode by default and exposed all users to this vulnerability. Due to my suspiciousness against 3rd party software (probably a side effect

    jovi0608 2018/03/29
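    An explanation of the PoC for the Node inspector vulnerability using DNS rebinding, which was fixed this morning. After connecting to the attack site, the DNS is changed to 127.0.0.1 and a connection is made to the Node debugger. The UUID is obtained, and the DevTool protocol over ws is used to run arbitrary commands with execSync.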