2 matches found
CVE-2021-39307
PDFTron's WebViewer UI 8.0 or below renders dangerous URLs as hyperlinks in supported documents, including JavaScript URLs, allowing the execution of arbitrary JavaScript code...
CVE-2021-39307
Summary: CVE-2021-39307 affects PDFTron’s WebViewer UI (version 8.0 and earlier). The root cause is that the WebViewer renders dangerous URLs as hyperlinks in supported documents, including JavaScript URLs, which can lead to arbitrary JavaScript execution. Reports from Red Hat and other sources c...