CVE-2021-38574
published 2021-08-11CVE-2021-38574: An issue was discovered in Foxit Reader and PhantomPDF before 10.1.4. It allows SQL Injection via crafted data at the end of a string.
critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
An issue was discovered in Foxit Reader and PhantomPDF before 10.1.4. It allows SQL Injection via crafted data at the end of a string.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| foxitsoftware | foxit_reader | < 10.1.4 | 10.1.4 |
| foxitsoftware | phantompdf | < 10.1.4 | 10.1.4 |