CVE-2022-39019: Pdftron: add security layer to avoid the lack of authorisation check on rendered images from pdftron

DESCRIPTION

Pdftron doesn’t provide any native mechanism to ensure that rendered documents cannot be opened by someone else than the user supposed to access the rendered document.
We had to implement our own additional layer of security to check for the current user session and determine if the URLs can be opened or not.

Risk level: High

Fix: Upgrade to version 3.3.11.3 or later.

AFFECTED PRODUCTS

Hubshare

MORE INFORMATION

N/A

ACKNOWLEDGEMENT

Review M-Files on Gartner® Peer Insights™ & get a $25 gift card!

Review now
X