2 matches found
Cross-Site Scripting (XSS)
Piranha is vulnerable to a Cross-site scripting XSS. The vulnerability is due to insufficient validation of uploaded PDF files, allowing authenticated remote attackers to upload crafted files containing malicious JavaScript code that executes when a victim interacts with the file in their web...
Cross-site Scripting (XSS)
dompdf is vulnerable to cross-site scripting XSS attacks. The library does not filter user-supplied strings through uploaded pdf files, allowing a malicious user to inject and execute arbitrary web script...