ExportToPdfCmd Arbitrary File Read Information Disclosure Vulnerability
(CVE-2021-35219)
Security Advisory Summary
This vulnerability allows attackers to impersonate users and perform arbitrary actions on their behalf.
Affected Products
- Orion Platform 2020.2.5 and earlier
Fixed Software Release
Acknowledgments
- Alex Birnberg of Zymo Security and FireEye
Advisory Details
Severity
6.0 Medium
Advisory ID
First Published
07/15/2021
Last Updated
08/24/2021
Fixed Version
Orion Platform 2020.2.6 HF1