2 matches found
CVE-2025-63917
PDFPatcher thru 1.1.3.4663 executable's XML bookmark import functionality does not restrict XML external entity XXE references. The application uses .NET's XmlDocument class without disabling external entity resolution, enabling attackers to: Read arbitrary files from the victim's filesystem,...
formii (=1.0.0), html-patcher-stream (>=1.0.0 <=1.1.0) +1 more potentially affected by unknown CVE via html-patcher (>=0.0.3 <=0.1.0)
html-patcher NPM version =0.0.3, =1.0.0, =0.1.0, =1.0.0 Source cves: unknown CVE Source advisory: OSV:MAL-2025-22751...