6.5 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
44.9%
PDFTronβs WebViewer UI 8.0 or below renders dangerous URLs as hyperlinks in supported documents, including JavaScript URLs, allowing the execution of arbitrary JavaScript code.
research.nccgroup.com/2021/09/14/technical-advisory-pdftron-javascript-urls-allowed-in-webviewer-ui-cve-2021-39307/
www.pdftron.com/webviewer/