exploitDog

GHSA-cx28-78m7-h38f

Опубликовано: 03 мар. 2025

Источник: github

Github: Не прошло ревью

CVSS3: 5.4

Описание

A Cross-Site Scripting (XSS) vulnerability in the Rendering Engine component in Apryse WebViewer v11.1 and earlier allows attackers to execute arbitrary code via a crafted PDF file.

A Cross-Site Scripting (XSS) vulnerability in the Rendering Engine component in Apryse WebViewer v11.1 and earlier allows attackers to execute arbitrary code via a crafted PDF file.

Ссылки

EPSS

Процентиль: 33%

0.0013

Низкий

5.4 Medium

CVSS3

CVE ID

Дефекты

CWE-79

Связанные уязвимости

CVE-2024-57240

CVSS3: 5.4

nvd

11 месяцев назад

A Cross-Site Scripting (XSS) vulnerability in the Rendering Engine component in Apryse WebViewer v11.1 and earlier allows attackers to execute arbitrary code via a crafted PDF file.

EPSS

Процентиль: 33%

0.0013

Низкий

5.4 Medium

CVSS3

CVE ID

Дефекты

CWE-79