Lucene search

26 matches found

RedhatCVE
added 2025/12/20 8:14 a.m. | 13 views

CVE-2025-66522

A stored cross-site scripting (XSS) vulnerability exists in the Digital IDs functionality of the Foxit PDF Editor Cloud (pdfonline.foxit.com). The application does not properly sanitize or encode the Common Name field of Digital IDs before inserting user-supplied content into the DOM. As a result,...

6.3 CVSS | 5.6 AI score | 0.00026 EPSS
Exploits 0 | References 1
OSV
added 2025/12/19 8:15 a.m. | 2 views

CVE-2025-66522

A stored cross-site scripting (XSS) vulnerability exists in the Digital IDs functionality of the Foxit PDF Editor Cloud (pdfonline.foxit.com). The application does not properly sanitize or encode the Common Name field of Digital IDs before inserting user-supplied content into the DOM. As a result,...

5.4 CVSS | 5.7 AI score | 0.00026 EPSS
Exploits 0 | References 1
Cvelist
added 2025/12/19 7:34 a.m. | 19 views

CVE-2025-66522 Foxit pdfonline.foxit.com Stored Cross-Site Scripting in Digital IDs Common Name Field

A stored cross-site scripting (XSS) vulnerability exists in the Digital IDs functionality of the Foxit PDF Editor Cloud (pdfonline.foxit.com). The application does not properly sanitize or encode the Common Name field of Digital IDs before inserting user-supplied content into the DOM. As a result,...

6.3 CVSS | 0.00026 EPSS
Exploits 0 | References 1
EUVD
added 2025/12/19 7:34 a.m. | 1 views

EUVD-2025-204454

A stored cross-site scripting (XSS) vulnerability exists in the Digital IDs functionality of the Foxit PDF Editor Cloud (pdfonline.foxit.com). The application does not properly sanitize or encode the Common Name field of Digital IDs before inserting user-supplied content into the DOM. As a result,...

6.3 CVSS | 5.1 AI score | 0.00026 EPSS
Exploits 0 | References 2
Vulnrichment
added 2025/12/19 7:34 a.m. | 2 views

CVE-2025-66522 Foxit pdfonline.foxit.com Stored Cross-Site Scripting in Digital IDs Common Name Field

A stored cross-site scripting (XSS) vulnerability exists in the Digital IDs functionality of the Foxit PDF Editor Cloud (pdfonline.foxit.com). The application does not properly sanitize or encode the Common Name field of Digital IDs before inserting user-supplied content into the DOM. As a result,...

6.3 CVSS | 5.2 AI score | 0.00026 EPSS
Exploits 0 | References 1
Positive Technologies
added 2025/12/19 12:0 a.m. | 2 views

PT-2025-52434

A stored cross-site scripting (XSS) vulnerability exists in the Digital IDs functionality of the Foxit PDF Editor Cloud (pdfonline.foxit.com). The application does not properly sanitize or encode the Common Name field of Digital IDs before inserting user-supplied content into the DOM. As a result,...

6.3 CVSS | 5.6 AI score | 0.00026 EPSS
Exploits 0 | References 2
CNNVD
added 2025/12/19 12:0 a.m. | 1 views

Foxit PDF Editor Security Vulnerability

Foxit PDF Editor is a PDF editor from the Chinese company Foxit. A security vulnerability exists in Foxit PDF Editor that stems from the Common Name field in the Digital IDs feature not being properly sanitized or encoded, which could lead to a stored cross-site scripting attack...

6.3 CVSS | 5.8 AI score | 0.00026 EPSS
Exploits 0 | References 1
EUVD
added 2025/10/07 12:30 a.m. | 4 views

EUVD-2009-3739

Malware in sbrugna...

4.3 CVSS | 6 AI score | 0.022 EPSS
Exploits 1 | References 23
EUVD
added 2025/10/07 12:30 a.m. | 2 views

EUVD-2014-3505

Malware in sbrugna...

4 CVSS | 8 AI score | 0.02619 EPSS
Exploits 0 | References 16
SUSE CVE
added 2023/02/15 6:2 a.m. | 2 views

SUSE CVE-2009-3766

mutt_ssl.c in mutt 1.5.16 and other versions before 1.5.19, when OpenSSL is used, does not verify the domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate...

6.8 CVSS | 9 AI score | 0.00517 EPSS
Exploits 0 | References 3
SUSE CVE
added 2023/02/15 5:43 a.m. | 2 views

SUSE CVE-2012-5784

Apache Axis 1.4 and earlier, as used in PayPal Payments Pro, PayPal Mass Pay, PayPal Transactional Information SOAP, the Java Message Service implementation in Apache ActiveMQ, and other products, does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or...

6.5 CVSS | 9.3 AI score | 0.01566 EPSS
Exploits 1 | References 8
ATTACKERKB
added 2022/07/17 11:15 p.m. | 2 views

CVE-2022-26481

An issue was discovered in Poly Studio before 3.7.0. Command Injection can occur via the CN field of a Create Certificate Signing Request (CSR) action...

8.8 CVSS | 7.3 AI score | 0.03364 EPSS
Exploits 3 | References 3
OSV
added 2022/07/17 11:15 p.m. | 3 views

CVE-2022-26481

An issue was discovered in Poly Studio before 3.7.0. Command Injection can occur via the CN field of a Create Certificate Signing Request (CSR) action...

8.8 CVSS | 5.8 AI score | 0.03364 EPSS
Exploits 3 | References 2
OSV
added 2018/10/17 12:5 a.m. | 5 views

GHSA-2X83-R56G-CV47 Improper certificate validation in org.apache.httpcomponents:httpclient

http/conn/ssl/AbstractVerifier.java in Apache Commons HttpClient before 4.2.3 does not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via...

4.3 CVSS | 6.6 AI score | 0.01248 EPSS
Exploits 0 | References 24
OSV
added 2017/10/24 6:33 p.m. | 28 views

GHSA-Q44R-F2HM-V76V Puppet does not properly restrict characters in Common Name field of Certificate Signing Request

lib/puppet/ssl/certificate_authority.rb in Puppet before 2.6.17 and 2.7.x before 2.7.18, and Puppet Enterprise before 2.5.2, does not properly restrict the characters in the Common Name field of a Certificate Signing Request (CSR), which makes it easier for user-assisted remote attackers to trick...

4.3 CVSS | 6 AI score | 0.01418 EPSS
Exploits 1 | References 12
CNVD
added 2015/01/30 12:0 a.m. | 1 views

XChat 'Common Name' Field SSL Certificate Security Bypass Vulnerability

X-Chat is a free and open source IRC client. A security vulnerability in the XChat 'Common Name' field SSL certificate allows attackers to perform man-in-the-middle attacks or emulate a trusted server...

6.9 AI score
Exploits 0 | References 1
OSV
added 2014/08/21 2:55 p.m. | 1 views

DEBIAN-CVE-2014-3577

org.apache.http.conn.ssl.AbstractVerifier in Apache HttpComponents HttpClient before 4.3.5 and HttpAsyncClient before 4.0.2 does not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows...

5.8 CVSS | 9.1 AI score | 0.01368 EPSS
Exploits 1 | References 1
RedHat Linux
added 2013/03/25 5:4 p.m. | 2 views

jakarta-commons-httpclient: missing connection hostname check against X.509 certificate name

It was found that Apache Commons HttpClient 3.x, as used in Amazon Flexible Payments Service (FPS) merchant Java SDK and other products, does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows...

5.8 CVSS | 7.2 AI score | 0.00616 EPSS
Exploits 0 | References 4
OpenVAS
added 2012/07/30 12:0 a.m. | 27 views

CentOS Update for postgresql84 CESA-2012:0678 centos5

Check for the Version of postgresql84 OpenVAS Vulnerability Test CentOS Update for postgresql84 CESA-2012:0678 centos5 Authors: System Generated Check Copyright: Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify...

6.8 CVSS | 7 AI score | 0.04372 EPSS
Exploits 1 | References 2
OpenVAS
added 2012/07/16 12:0 a.m. | 30 views

Ubuntu Update for qt4-x11 USN-1504-1

Ubuntu Update for Linux kernel vulnerabilities USN-1504-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN15041.nasl 7960 2017-12-01 06:58:16Z santu $ Ubuntu Update for qt4-x11 USN-1504-1 Authors: System Generated Check Copyright: Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net This...

9.3 CVSS | 0.5 AI score | 0.09726 EPSS
Exploits 1 | References 2