Brackets <= 1.6 V8 JavaScript Injection
Tested on Windows 10 x64
Release 1.6 build 1.6.0-16680 (release 3df0ac6fa)
build timestamp: Tue Jan 12 2016 13:58:11 GMT+0000
Tested on OSX 10.11.3
Release 1.6 build 1.6.0-16680 (release 3df0ac6fa)
build timestamp: Tue Jan 12 2016 05:35:00 GMT-0800
Overview:
Brackets is a lightweight, yet powerful, modern text editor. We blend visual tools into the editor so you get the right amount of help when you want it. With new features and extensions released every 3-4 weeks, it's like getting presents all year long.
Brackets was founded by Adobe as a community guided, open source project to push web development editors to the next level. Brackets is released under the MIT License.
Vulnerability description:
There is possibility to execute javascript code by highlight event value.
Video & PoC:
http://kacperrybczynski.com/research/brackets_1.6_osx_10.11.3_win10_v8_javascript_injection/
Reference:
https://www.owasp.org/index.php/Cross-site_Scripting_(XSS)
Disclosure Timeline:
2016-02-10 - Vulnerability reported to vendor PSIRT-4788 and PSIRT-4824.
2016-06-14 - Security update available for Adobe Brackets. Update resolves a JavaScript injection vulnerability (CVE-2016-4164) APSB16-20
Reported by:
Kacper Rybczyński (@kacperybczynski)