An issue exists in Foxit Reader and PhantomPDF prior to 10.1.4. It allows writing to arbitrary files because the extractPages pathname is not validated.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
foxitsoftware foxit reader |
||
foxitsoftware phantompdf |