18 matches found
CVE-2026-1592
Foxit PDF Editor Cloud pdfonline contains a stored cross-site scripting vulnerability in the Create New Layer feature. Unsanitized user input is embedded into the HTML output, allowing arbitrary JavaScript execution when the layer is referenced. This issue affects pdfonline.foxit.com: before...
CVE-2026-1592
Foxit PDF Editor Cloud pdfonline contains a stored cross-site scripting vulnerability in the Create New Layer feature. Unsanitized user input is embedded into the HTML output, allowing arbitrary JavaScript execution when the layer is referenced. This issue affects pdfonline.foxit.com: before...
CVE-2026-1592
Foxit PDF Editor Cloud pdfonline contains a stored cross-site scripting vulnerability in the Create New Layer feature. Unsanitized user input is embedded into the HTML output, allowing arbitrary JavaScript execution when the layer is referenced. This issue affects pdfonline.foxit.com: before...
CVE-2026-1592
CVE-2026-1592 affects Foxit PDF Editor Cloud (pdfonline). The vulnerability is a stored cross-site scripting (XSS) in the Create New Layer feature, where unsanitized user input is embedded into HTML output, enabling arbitrary JavaScript execution when the layer is referenced. Documents reference ...
CVE-2026-1592
Foxit PDF Editor Cloud pdfonline contains a stored cross-site scripting vulnerability in the Create New Layer feature. Unsanitized user input is embedded into the HTML output, allowing arbitrary JavaScript execution when the layer is referenced. This issue affects pdfonline.foxit.com: before...
CVE-2026-1592 Stored XSS via Create New Layer Field found in Foxit PDF Editor Cloud
Foxit PDF Editor Cloud pdfonline contains a stored cross-site scripting vulnerability in the Create New Layer feature. Unsanitized user input is embedded into the HTML output, allowing arbitrary JavaScript execution when the layer is referenced. This issue affects pdfonline.foxit.com: before...
CVE-2026-1591
Foxit PDF Editor Cloud pdfonline contains a stored cross-site scripting vulnerability in the file upload feature. A malicious username is embedded into the upload file list without proper escaping, allowing arbitrary JavaScript execution when the list is displayed. This issue affects...
CVE-2026-1591
CVE-2026-1591 is a stored cross-site scripting vulnerability in Foxit PDF Editor Cloud (pdfonline) caused by an unescaped malicious username in the file upload list. The flaw allows arbitrary JavaScript execution when the uploaded list is displayed, affecting pdfonline.foxit.com prior to 2026-02-...
Foxit PDF Editor Cloud 安全漏洞
Foxit PDF Editor Cloud is a browser-based online PDF editing platform provided by the American company Foxit. Versions of Foxit PDF Editor Cloud prior to February 3, 2026, contained security vulnerabilities. These vulnerabilities were caused by improper escaping of malicious usernames during the...
PT-2026-6047
Name of the Vulnerable Software and Affected Versions Foxit PDF Editor Cloud versions prior to 2026-02-03 Description Foxit PDF Editor Cloud pdfonline contains a stored cross-site scripting issue in the file upload feature. A malicious username is embedded into the upload file list without proper...
Foxit PDF Editor Cloud 安全漏洞
Foxit PDF Editor Cloud is a browser-based online PDF editing platform provided by the American company Foxit. Versions of Foxit PDF Editor Cloud prior to February 3, 2026, contained security vulnerabilities. These vulnerabilities stemmed from the inability to clean user input that was embedded in...
CVE-2025-66522
A stored cross-site scripting XSS vulnerability exists in the Digital IDs functionality of the Foxit PDF Editor Cloud pdfonline.foxit.com. The application does not properly sanitize or encode the Common Name field of Digital IDs before inserting user-supplied content into the DOM. As a result,...
CVE-2025-66522
A stored cross-site scripting XSS vulnerability exists in the Digital IDs functionality of the Foxit PDF Editor Cloud pdfonline.foxit.com. The application does not properly sanitize or encode the Common Name field of Digital IDs before inserting user-supplied content into the DOM. As a result,...
CVE-2025-66522 Foxit pdfonline.foxit.com Stored Cross-Site Scripting in Digital IDs Common Name Field
A stored cross-site scripting XSS vulnerability exists in the Digital IDs functionality of the Foxit PDF Editor Cloud pdfonline.foxit.com. The application does not properly sanitize or encode the Common Name field of Digital IDs before inserting user-supplied content into the DOM. As a result,...
EUVD-2025-204454
A stored cross-site scripting XSS vulnerability exists in the Digital IDs functionality of the Foxit PDF Editor Cloud pdfonline.foxit.com. The application does not properly sanitize or encode the Common Name field of Digital IDs before inserting user-supplied content into the DOM. As a result,...
CVE-2025-66522
The CVE-2025-66522 issue affects Foxit PDF Editor Cloud (pdfonline.foxit.com) under the Digital IDs feature. The vulnerability arises because the Common Name field in Digital IDs is not properly sanitized/encoded before injecting user-supplied content into the DOM, enabling stored XSS if the Digi...
CVE-2025-66522 Foxit pdfonline.foxit.com Stored Cross-Site Scripting in Digital IDs Common Name Field
A stored cross-site scripting XSS vulnerability exists in the Digital IDs functionality of the Foxit PDF Editor Cloud pdfonline.foxit.com. The application does not properly sanitize or encode the Common Name field of Digital IDs before inserting user-supplied content into the DOM. As a result,...
PT-2025-52434
A stored cross-site scripting XSS vulnerability exists in the Digital IDs functionality of the Foxit PDF Editor Cloud pdfonline.foxit.com. The application does not properly sanitize or encode the Common Name field of Digital IDs before inserting user-supplied content into the DOM. As a result,...