CVE-2018-4924

Name of the Vulnerable Software and Affected Versions Adobe Dreamweaver CC versions 18.0 and earlier

Description The issue is related to an OS Command Injection vulnerability in the HTML editor of Adobe Dreamweaver CC, which is caused by the failure to neutralize special elements used in operating system commands. Successful exploitation could lead to arbitrary code execution in the context of the current user.

Recommendations For Adobe Dreamweaver CC versions 18.0 and earlier, update to a version later than 18.0 to resolve the issue. As a temporary workaround, consider restricting the use of the HTML editor until a patch is available.