Vulnerability Description
Foxit PDF Reader and PDF Editor before 11.1 on macOS allow remote attackers to execute arbitrary code via getURL in the JavaScript API.
CVSS Score
7.8
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Foxit | Pdf Editor | < 11.1 |
| Foxit | Pdf Reader | < 11.1 |
| Apple | Macos | - |
References
- https://github.com/dlehgus1023Third Party Advisory
- https://github.com/dlehgus1023/CVE/tree/master/CVE-2021-45980Third Party Advisory
- https://www.foxit.com/support/security-bulletins.htmlVendor Advisory
- https://github.com/dlehgus1023Third Party Advisory
- https://github.com/dlehgus1023/CVE/tree/master/CVE-2021-45980Third Party Advisory
- https://www.foxit.com/support/security-bulletins.htmlVendor Advisory
FAQ
What is CVE-2021-45980?
CVE-2021-45980 is a vulnerability with a CVSS score of 7.8 (HIGH). Foxit PDF Reader and PDF Editor before 11.1 on macOS allow remote attackers to execute arbitrary code via getURL in the JavaScript API.
How severe is CVE-2021-45980?
CVE-2021-45980 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2021-45980?
Check the references section above for vendor advisories and patch information. Affected products include: Foxit Pdf Editor, Foxit Pdf Reader, Apple Macos.