CVE-2021-38565

EUVD-2021-25007
An issue was discovered in Foxit PDF Reader before 11.0.1 and PDF Editor before 11.0.1. It allows writing to arbitrary files via submitForm.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.5 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 1%
Affected Products (NVD)
VendorProductVersion
foxitsoftwarepdf_editor
𝑥
< 11.0.1
foxitsoftwarepdf_reader
𝑥
< 11.0.1
𝑥
= Vulnerable software versions
References
https://www.foxitsoftware.com/support/security-bulletins.php
https://www.foxitsoftware.com/support/security-bulletins.php