Date Published: Feb 24 2025
A Cross-Site Scripting (XSS) vulnerability has been identified in Apryse WebViewer versions up to and including 11.1. This vulnerability allows remote attackers to execute arbitrary JavaScript code by supplying a crafted PDF file. The issue arises due to improper sanitization of user-supplied input during PDF rendering.