SSRF and XXE Vulnerabilities in PDFreactor

Aon’s Cyber Solutions recently discovered two vulnerabilities in RealObjects PDFreactor prior to version 10.1.10722 in the default configuration. The identified vulnerabilities allow attackers to perform Server-Side Request Forgery (SSRF) and XML External Entity Injection (XXE) attacks in cases where PDFreactor is used to process user-controllable HTML over a network. Exploitation ...