A remote code execution vulnerability exists in Application Inspector version v1.0.23 or earlier when the tool reflects example code snippets from third-party source files into its HTML output, aka 'Remote Code Execution Vulnerability in Application Inspector'.
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0872