某些 Creative Cloud 应用程序、服务和功能在中国不可用。
Release date: June 14, 2016
Vulnerability identifier: APSB16-20
Priority: 3
CVE number: CVE-2016-4164, CVE-2016-4165
Platform: Windows, Macintosh and Linux
Adobe has released a security update for Adobe Brackets for Windows, Macintosh and Linux. This update resolves a JavaScript injection vulnerability (CVE-2016-4164) and a vulnerability in the extension manager (CVE-2016-4165). Adobe recommends users update their product installation using the instructions provided in the “Solution” Section below.
| Product | Affected Version | Platform |
|---|---|---|
| Adobe Brackets | 1.6 and earlier versions | Windows, Macintosh and Linux |
Adobe categorizes this update with the following priority rating and recommends users update their installation to the newest version by following the instructions below:
| Product | Updated version | Platform | Priority rating | Availability |
|---|---|---|---|---|
| Adobe Brackets | 1.7 | Windows, Macintosh and Linux | 3 | Download |
- This update resolves a JavaScript injection vulnerability, which could be abused in a cross-site scripting attack (CVE-2016-4164).
- This update resolves an input validation vulnerability in the extension manager (CVE-2016-4165).
Adobe would like to thank Kacper Rybczyński for reporting these issues (CVE-2016-4164 and CVE-2016-4165) and for working with Adobe to help protect our customers.