The PDF viewer doesn't sanitize PostScript calculator functions, allowing injection of malicious JavaScript
Reporter | Title | Published | Views | Family All 92 |
---|---|---|---|---|
![]() | WordPress Algori PDF Viewer Plugin <= 1.0.7 is vulnerable to Cross Site Scripting (XSS) | 8 Nov 202400:00 | – | patchstack |
![]() | Code injection | 11 Jun 201821:29 | – | prion |
![]() | CVE-2018-5158 | 11 Jun 201821:29 | – | nvd |
![]() | CVE-2018-5158 | 29 Jan 202016:02 | – | redhatcve |
![]() | CVE-2018-5158 | 10 May 201800:00 | – | ubuntucve |
![]() | Code Injection | 16 May 201902:25 | – | veracode |
![]() | CVE-2018-5158 | 11 Jun 201821:29 | – | debiancve |
![]() | Malicious PDF can inject JavaScript into PDF Viewer | 14 May 202201:22 | – | github |
![]() | CVE-2018-5158 | 11 Jun 201821:00 | – | cvelist |
![]() | Nextcloud: XSS in PDF Viewer | 16 Mar 202002:01 | – | hackerone |
[
{
"product": "Firefox ESR",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "52.8",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Firefox",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "60",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
]
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo