An issue was discovered in Foxit Reader and PhantomPDF before 9.7.2. It has brute-force attack mishandling because the CAS service lacks a limit on login failures.
Source: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13805
Reference (s):
- https://www.foxitsoftware.com/support/security-bulletins.php