5 matches found
EUVD-2025-202692
Foxit PDF Editor and Reader before 2025.2.1 allow signature spoofing via triggers. An attacker can embed triggers e.g., JavaScript in a PDF document that execute during the signing process. When a signer reviews the document, the content appears normal. However, once the signature is applied, the...
CVE-2025-59802
Foxit PDF Editor and Reader before 2025.2.1 allow signature spoofing via OCG. When Optional Content Groups OCG are supported, the state property of an OCG is runtime-only and not included in the digital signature computation buffer. An attacker can leverage JavaScript or PDF triggers to dynamical...
PT-2025-50624
Foxit PDF Editor and Reader before 2025.2.1 allow signature spoofing via triggers. An attacker can embed triggers e.g., JavaScript in a PDF document that execute during the signing process. When a signer reviews the document, the content appears normal. However, once the signature is applied, the...
CVE-2025-59803
Affected software: Foxit PDF Editor and Foxit Reader (before 2025.2.1).Root cause: Signature spoofing via triggers embedded in PDFs (e.g., JavaScript) that execute during the signing process, allowing content to be modified after a signer reviews it.Impact: The signed PDF can differ from what the...
PT-2024-35140 · Docusign · Docusign
Name of the Vulnerable Software and Affected Versions: DocuSign versions through 2024-12-04 Description: The issue concerns a User Interface UI Misrepresentation of Critical Information vulnerability that allows Content Spoofing. Specifically, the SaaS AI assistant ignores hidden content that is...