Adobe Brackets XSS Vulnerability (CVE-2016-4164)

Adobe Brackets XSS Vulnerability (CVE-2016-4164)
Adobe Brackets XSS Vulnerability (CVE-2016-4164)

Release date:
Updated on:

Affected Systems:

Adobe Brackets <  1.7

Description:

CVE (CAN) ID: CVE-2016-4164

Adobe Brackets is an open-source code encoder written in JavaScript, HTML, and CSS.

The cross-site scripting vulnerability exists in versions earlier than Adobe Brackets 1.7. Remote attackers can exploit this vulnerability to inject arbitrary Web scripts or HTML.

<* Source: Kacper Rybczy ń ski
　

Link: https://helpx.adobe.com/security/products/brackets/apsb16-20.html
*>

Suggestion:

Vendor patch:

Adobe
-----
Adobe has released a Security Bulletin (APSB16-20) and patches for this:
APSB16-20: Security update available for Adobe Brackets
Link: https://helpx.adobe.com/security/products/brackets/apsb16-20.html

Patch download:
Https://github.com/adobe/brackets/releases

Install the open-source simple and powerful integrated development environment on your Ubuntu-Brackets

Adobe Brackets-open-source, concise and powerful HTML, CSS, and JavaScript integrated development environment update Brackets-sprint-18

For more information about Brackets, click here.
Brackets: click here

This article permanently updates the link address: