CVE-2025-66523

URL parameters are directly embedded into JavaScript code or HTML attributes without proper encoding or sanitization. This allows attackers to inject arbitrary scripts when an authenticated user visits a crafted link. This issue affects na1.foxitesign.foxit.com: before 2026‑01‑16...

CVE-2025-66523

CVE-2025-66523 reflects a Cross-Site Scripting (XSS) issue in na1.foxitesign.foxit.com prior to 2026-01-16, caused by URL parameters being embedded directly into JavaScript code or HTML attributes without proper encoding or sanitization. An authenticated user can trigger script injection by visit...