Is the HTML editor in CuteFTP affected by the compromised scilexer.dll?


THE INFORMATION IN THIS ARTICLE APPLIES TO:

  • CuteFTP, any version

QUESTION

Is the HTML editor in CuteFTP affected by the compromised scilexer.dll?

ANSWER

It has been announced that the Scintilla text editor (scilexer.dll) used by programs such as Notepad++ is vulnerable to being replaced by a hacked version that extracts information to send to a third party.

CuteFTP 9 statically links to the Scintilla library in our software. However, there are no exposed DLLs that we need to load for the CuteFTP HTML editor, therefore, we are not susceptible to this vulnerability.