{"id":"CVE-2016-4164","details":"Cross-site scripting (XSS) vulnerability in Adobe Brackets before 1.7 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.","modified":"2026-04-10T03:50:36.146031Z","published":"2016-06-16T14:59:47.157Z","references":[{"type":"ADVISORY","url":"https://helpx.adobe.com/security/products/brackets/apsb16-20.html"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/adobe/brackets","events":[{"introduced":"0"},{"last_affected":"3df0ac6fa18b1ccfc34f6d234da2aa8c43643a93"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"1.6"}]}}],"versions":["0.30.0-8785","0.30.0-8833","linux-cef-2171","release-0.43-beta1","release-0.44-beta1","release-1.0-beta1","release-1.0-rc1","release-1.1-rc1","release-1.2-prerelease1","release-1.4+eb4","release-1.6","release-1.6+eb4","release-1.6-prerelease1","splitview-pre-tree","sprint-1","sprint-10","sprint-11","sprint-12","sprint-13","sprint-14","sprint-15","sprint-16","sprint-17","sprint-19","sprint-2","sprint-22","sprint-24","sprint-25","sprint-26","sprint-27","sprint-28","sprint-29","sprint-3","sprint-30","sprint-31","sprint-32","sprint-33","sprint-34","sprint-4","sprint-5","sprint-6","sprint-7","sprint-8","sprint-9","test-45","untagged-293a2ac7be89eb7a80b8","untagged-71c185fc4eecfb5086d0","v34.10534","v34.10744"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2016-4164.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}]}