Vulnerabilities > Accusoft > Prizmdoc

DATE CVE VULNERABILITY TITLE RISK
2018-12-10 CVE-2018-15805 XXE vulnerability in Accusoft Prizmdoc
Accusoft PrizmDoc HTML5 Document Viewer before 13.5 contains an XML external entity (XXE) vulnerability, allowing an attacker to read arbitrary files or cause a denial of service (resource consumption).
network
low complexity
accusoft CWE-611
critical
9.1
2018-09-18 CVE-2018-15546 Cross-site Scripting vulnerability in Accusoft Prizmdoc
Accusoft PrizmDoc version 13.3 and earlier contains a Stored Cross-Site Scripting issue through a crafted PDF file.
network
low complexity
accusoft CWE-79
6.1