3 matches found
CVE-2026-57248
The CVE-2026-57248 entry concerns Foxit PDF Editor/Reader where opening a PDF and performing JavaScript to write annotation attributes can bypass object type/argument checks, corrupting the internal annotation structure and causing a crash on release. This is described as a local, user-interactio...
CVE-2025-66523
URL parameters are directly embedded into JavaScript code or HTML attributes without proper encoding or sanitization. This allows attackers to inject arbitrary scripts when an authenticated user visits a crafted link. This issue affects na1.foxitesign.foxit.com: before 2026‑01‑16...
The vulnerability of the Thunderbird email client, as well as the Firefox and Firefox ESR browsers, stems from improper input validation during the processing of JavaScript attributes. This allows attackers to execute arbitrary JavaScript code.
The vulnerability of the Thunderbird email client, as well as browsers Firefox and Firefox ESR, is related to improper input validation during the processing of JavaScript attributes. Exploiting this vulnerability allows an attacker to execute arbitrary JavaScript code remotely...