Tab Key Mishandling in Foxit Reader and PhantomPDF Leads to Information Disclosure and Application Crash

Tab Key Mishandling in Foxit Reader and PhantomPDF Leads to Information Disclosure and Application Crash

CVE-2021-33794 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

Foxit Reader before 10.1.4 and PhantomPDF before 10.1.4 allow information disclosure or an application crash after mishandling the Tab key during XFA form interaction.

Learn more about our Web Application Penetration Testing UK.