CVE-2021-45980

Name of the Vulnerable Software and Affected Versions Foxit PDF Reader and PDF Editor versions prior to 11.1

Description The issue allows remote attackers to execute arbitrary code via getURL in the JavaScript API. This can be exploited to gain unauthorized access and control over the system.

Recommendations For versions prior to 11.1, update to version 11.1 or later to resolve the issue. As a temporary workaround, consider disabling the getURL function in the JavaScript API until a patch is available. Restrict access to potentially malicious PDF files to minimize the risk of exploitation.