Apryse · Apryse Webviewer · CVE-2024-57240
**Name of the Vulnerable Software and Affected Versions**
Apryse WebViewer versions prior to 11.1
**Description**
A Cross-Site Scripting (XSS) issue in the Rendering Engine component allows attackers to execute arbitrary code via a crafted PDF file.
**Recommendations**
For versions prior to 11.1, update to a version that contains a fix for this issue to prevent arbitrary code execution.