Product
Last updated on
27 Des 2022
Security update available for Adobe Brackets
Release date: June 14, 2016
Vulnerability identifier: APSB16-20
Priority: 3
CVE number: CVE-2016-4164, CVE-2016-4165
Platform: Windows, Macintosh and Linux
Summary
Adobe has released a security update for Adobe Brackets for Windows, Macintosh and Linux. This update resolves a JavaScript injection vulnerability (CVE-2016-4164) and a vulnerability in the extension manager (CVE-2016-4165). Adobe recommends users update their product installation using the instructions provided in the “Solution” Section below.
Affected software versions
|
|
Affected Version |
Platform |
|
Adobe Brackets |
1.6 and earlier versions |
Windows, Macintosh and Linux |
Solution
Adobe categorizes this update with the following priority rating and recommends users update their installation to the newest version by following the instructions below:
|
Product |
Updated version |
Platform |
Availability |
|
|
Adobe Brackets |
1.7 |
Windows, Macintosh and Linux |
3 |
Vulnerability Details
- This update resolves a JavaScript injection vulnerability, which could be abused in a cross-site scripting attack (CVE-2016-4164).
- This update resolves an input validation vulnerability in the extension manager (CVE-2016-4165).
Acknowledgments
Adobe would like to thank Kacper Rybczyński for reporting these issues (CVE-2016-4164 and CVE-2016-4165) and for working with Adobe to help protect our customers.
