Critical severity10.0NVD Advisory· Published Jun 11, 2019· Updated Jun 17, 2026
CVE-2019-12153
CVE-2019-12153
Description
Lack of validation in the HTML parser in RealObjects PDFreactor before 10.1.10722 leads to SSRF, allowing attackers to access network or file resources on behalf of the server by supplying malicious HTML content.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3- RealObjects/PDFreactordescription
- Range: <10.1.10722
- Range: <10.1.10722
Patches
Vulnerability mechanics
References
3- blog.gdssecurity.com/labs/2019/5/28/ssrf-and-xxe-vulnerabilities-in-pdfreactor.htmlnvdThird Party Advisory
- www.pdfreactor.com/important-pdfreactor-security-advisory/nvdVendor Advisory
- www.pdfreactor.com/pdfreactor-10-maintenance-release-10-1-10722-now-available/nvdRelease NotesVendor Advisory
News mentions
0No linked articles in our index yet.