Vulnerabilities > CVE-2022-30350 - Unspecified vulnerability in Avanquest Pdfescape 3.19.2.2

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

NONE

Availability impact

NONE

network

low complexity

avanquest

NVD

Published: 2023-03-30

Updated: 2023-04-10

Summary

Avanquest Software RAD PDF (PDFEscape Online) 3.19.2.2 is vulnerable to Information Leak / Disclosure. The PDFEscape Online tool provides users with a "white out" functionality for redacting images, text, and other graphics from a PDF document. However, this mechanism does not remove underlying text or PDF object specification information from the PDF. As a result, for example, redacted text may be copy-pasted by a PDF reader.

Vulnerable Configurations

Part	Description	Count
Application	Avanquest Avanquest Pdfescape 3.19.2.2	1

References

https://arxiv.org/pdf/2206.02285.pdf
https://www.pdfescape.com/open/