The extension manager in Adobe Brackets before 1.7 allows attackers to have an unspecified impact via invalid input.