CVE Database · CVE-2007-0044
CVSS v3.1
N/A
EPSS
55.47%
Published
Jan 3, 2007
Modified
Apr 22, 2026
Public PoC / Exploit (2)
All weaponized →Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.
Description
Adobe Acrobat Reader Plugin before 8.0.0 for the Firefox, Internet Explorer, and Opera web browsers allows remote attackers to force the browser to make unauthorized requests to other web sites via a URL in the (1) FDF, (2) xml, and (3) xfdf AJAX request parameters, following the # (hash) character, aka "Universal CSRF and session riding."
Weaknesses (CWE)
Affected Products (36)
References (20)
