Note:
This project will be discontinued after December 13, 2021. [more]
2019-12-19
Brackets versions 1.14 and earlier have a command injection vulnerability. Successful exploitation could lead to arbitrary code execution.
Products | Brackets |
Type | Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') (CWE-74) |
First patch | - None (likely due to unavailable code) |
Links | https://helpx.adobe.com/security/products/brackets/apsb19-57.html |