A vulnerability exists in the way Crimson Editor reads file types from within configuration files and can be exploited, by malicious people, to compromise a vulnerable system. Version 3.70 is vulnerable. Proof of concept configuration file included.
1ec59406c38b8d6add7259dd38a3f8539cb46647cf4a428f9acd4b04a29dc142