CVE-2021-45980

Foxit PDF Reader and PDF Editor before 11.1 on macOS allow remote attackers to execute arbitrary code via getURL in the JavaScript API.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.8 HIGH
LOCAL
LOW
NONE
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 72%
VendorProductVersion
foxitpdf_editor
𝑥
< 11.1
foxitpdf_reader
𝑥
< 11.1
𝑥
= Vulnerable software versions
References
https://github.com/dlehgus1023
https://github.com/dlehgus1023/CVE/tree/master/CVE-2021-45980
https://www.foxit.com/support/security-bulletins.html
https://github.com/dlehgus1023
https://github.com/dlehgus1023/CVE/tree/master/CVE-2021-45980
https://www.foxit.com/support/security-bulletins.html