Note:
This project will be discontinued after December 13, 2021. [more]
2019-12-19
Brackets versions 1.14 and earlier have a command injection vulnerability. Successful exploitation could lead to arbitrary code execution.
| Products | Brackets |
| Type | Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') (CWE-74) |
| First patch | - None (likely due to unavailable code) |
| Links | https://helpx.adobe.com/security/products/brackets/apsb19-57.html |