Refer to How to insert RTF into a word document I have a follow up question.
In our scenario the RTF content is provided by some third parties to us. We use these contents and inject/insert them into a document. We just simply insert it - we don’t check the content at all. Then we save this document as docx or pdf and return it to the third party.
But what if there is some malicious content (e.g. some scripts) in the RTF? Is there something we can do here when inserting or Aspose maybe does in terms of malicious content?
We found this article (An Inside Look into Microsoft Rich Text Format and OLE Exploits) from McAfee which highlights issues with RTF.
Any input how to protect from malicious content is highly appreciated.