All 4 CVE vulnerabilities found in macro-pdfviewer, with AI-generated Chinese analysis, references, and POCs.
Vendor: xwikisas
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2024-52298 | macro-pdfviewer's preview in WYSIWYG editor allows accessing any PDF document as the last author CWE-615 | 7.5 | High | 2024-11-13 |
| CVE-2024-52299 | The PDF viewer macro allows accessing any attachment without access right checks CWE-340 | 7.5 | High | 2024-11-13 |
| CVE-2024-52300 | macro-pdfviewer has a XSS through the width parameter CWE-80 | 9.1 | Critical | 2024-11-13 |
| CVE-2024-30263 | The PDF Viewer macro can be used to view PDF attachments with restricted access CWE-200 | 7.7 | High | 2024-04-04 |
All 4 known CVE vulnerabilities affecting macro-pdfviewer with full Chinese analysis, references, and POCs where available.