CVE-2021-39307

PDFTron's WebViewer UI 8.0 or below renders dangerous URLs as hyperlinks in supported documents, including JavaScript URLs, allowing the execution of arbitrary JavaScript code. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt