The Hubshare application appears to use a vulnerable version of PDFTron Webviewer UI for document viewing, collaboration and annotation
Risk level: Critical
Fix: Upgrade to version 126.96.36.199 or later.
The issue has been naturally fixed by upgrading the Pdftron Viewer library. No hubshare source code changes needed.
We thank Michael Newton <email@example.com> for responsible disclosure.
Date issued: 2022-08