Headline
CVE-2021-45978: CVE/CVE-2021-45978 at master · dlehgus1023/CVE
Foxit PDF Reader and PDF Editor before 11.1 on macOS allow remote attackers to execute arbitrary code via xfa.host.gotoURL in the XFA API.
Foxit PDF Reader XFA API xfa.host.gotoURL Command Injection Vulnerability (Remote Code Execution)
Product : Foxit PDF Reader macOS 11.0.1.0719
HOST OS : Windows 10 x64 (10.0.19041)
CVSS : 7.8 High (CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)
Reference : Foxit Security Bulletins
Credit Information
- DoHyun Lee(@l33d0hyun)