CVE-2021-27517

Published: 2021-07-20T12:15Z

Last Modified: 2024-11-21T05:58Z

Source: MITRE CVE List

License: MITRE-CVE-TOS

Foxit PDF SDK For Web through 7.5.0 allows XSS. There is arbitrary JavaScript code execution in the browser if a victim uploads a malicious PDF document containing embedded JavaScript code that abuses app.alert (in the Acrobat JavaScript API). > MITRE Terms of Use apply – see LICENSE‑MITRE.txt