CVE-2018-5158
UNKNOWN
Published 2018-06-11T21:00:00
Actions:
No CVSS data available
Description
The PDF viewer does not sufficiently sanitize PostScript calculator functions, allowing malicious JavaScript to be injected through a crafted PDF file. This JavaScript can then be run with the permissions of the PDF viewer by its worker. This vulnerability affects Firefox ESR < 52.8 and Firefox < 60.
Available Exploits
No exploits available for this CVE.
Related News
No news articles found for this CVE.
Affected Products
Affected Versions:
Affected Versions:
WordPress Vulnerability
Identified and analyzed by Wordfence
Software Type
Plugin
Patch Status
Patched
Published
November 8, 2024
Software Details
Software Name
Algori PDF Viewer
Software Slug
algori-pdf-viewer
Affected Versions
* - 1.0.7
Patched Versions
1.0.8
Remediation
Update to version 1.0.8, or a newer patched version
© Defiant Inc. Data provided by Wordfence.
References
HackerOne Reports
Published: 2018-06-11T21:00:00
Last Modified: 2024-08-05T05:26:47.026Z
Copied to clipboard!