Medium severity6.1NVD Advisory· Published Sep 15, 2021· Updated Jun 17, 2026
CVE-2021-39307
CVE-2021-39307
Description
PDFTron's WebViewer UI 8.0 or below renders dangerous URLs as hyperlinks in supported documents, including JavaScript URLs, allowing the execution of arbitrary JavaScript code.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- PDFTron/WebViewer UIdescription
- Range: <=8.0
Patches
Vulnerability mechanics
References
2- research.nccgroup.com/2021/09/14/technical-advisory-pdftron-javascript-urls-allowed-in-webviewer-ui-cve-2021-39307/nvdExploitPatchThird Party Advisory
- www.pdftron.com/webviewer/nvdProductVendor Advisory
News mentions
0No linked articles in our index yet.