💡Idea of methods to add.

# Ideas

- [x] Add support for the detection of **XFA form** in a PDF file to detect attack like [CVE-2025-54988](https://nvd.nist.gov/vuln/detail/CVE-2025-54988).

# References

- https://github.com/mgthuramoemyint/POC-CVE-2025-54988
- [POC-CVE-2025-54988-main.zip](https://github.com/user-attachments/files/22318764/POC-CVE-2025-54988-main.zip)
- [Sample file to use](https://github.com/righettod/toolbox-pentest-web/blob/master/misc/doc-pdf-with-xxe-in-xfa-form.pdf)
- Code snippet for the detection:

```java
import org.apache.pdfbox.Loader;
import org.apache.pdfbox.pdmodel.PDDocument;
import org.apache.pdfbox.pdmodel.PDDocumentCatalog;
import org.apache.pdfbox.pdmodel.interactive.form.PDAcroForm;

File filePath = new File("doc-pdf-with-xxe-in-xfa-form.pdf");
try (PDDocument document = Loader.loadPDF(filePath)) {
	PDDocumentCatalog catalog = document.getDocumentCatalog();
	PDAcroForm acroForm = catalog.getAcroForm();
	boolean hasForm  = (acroForm != null && acroForm.getXFA() != null);
	System.out.println(hasForm);
}
```






Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

💡Idea of methods to add. #1

Ideas

References

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

💡Idea of methods to add. #1

Description

Ideas

References

Metadata

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

Issue actions