Security Advisory

CVE-2021-27517

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2021-07-20 11:38:37
Last updated 2024-08-03 21:26:09
Assigner mitre
State PUBLISHED

Description

Foxit PDF SDK For Web through 7.5.0 allows XSS. There is arbitrary JavaScript code execution in the browser if a victim uploads a malicious PDF document containing embedded JavaScript code that abuses app.alert (in the Acrobat JavaScript API).