Adobe Brackets XSS Vulnerability (CVE-2016-4164)
Adobe Brackets XSS Vulnerability (CVE-2016-4164)
Release date:
Updated on:
Affected Systems:
Adobe Brackets < 1.7
Description:
CVE (CAN) ID: CVE-2016-4164
Adobe Brackets is an open-source code encoder written in JavaScript, HTML, and CSS.
The cross-site scripting vulnerability exists in versions earlier than Adobe Brackets 1.7. Remote attackers can exploit this vulnerability to inject arbitrary Web scripts or HTML.
<* Source: Kacper Rybczy ń ski
Link: https://helpx.adobe.com/security/products/brackets/apsb16-20.html
*>
Suggestion:
Vendor patch:
Adobe
-----
Adobe has released a Security Bulletin (APSB16-20) and patches for this:
APSB16-20: Security update available for Adobe Brackets
Link: https://helpx.adobe.com/security/products/brackets/apsb16-20.html
Patch download:
Https://github.com/adobe/brackets/releases
Install the open-source simple and powerful integrated development environment on your Ubuntu-Brackets
Adobe Brackets-open-source, concise and powerful HTML, CSS, and JavaScript integrated development environment update Brackets-sprint-18
For more information about Brackets, click here.
Brackets: click here
This article permanently updates the link address: