Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2026/02/04 1:20 p.m.5 views

CVE-2026-1592

Foxit PDF Editor Cloud pdfonline contains a stored cross-site scripting vulnerability in the Create New Layer feature. Unsanitized user input is embedded into the HTML output, allowing arbitrary JavaScript execution when the layer is referenced. This issue affects pdfonline.foxit.com: before...

6.3CVSS5.4AI score0.00195EPSS
Exploits0References1
OSV
OSV
added 2026/02/03 8:16 a.m.4 views

CVE-2026-1592

Foxit PDF Editor Cloud pdfonline contains a stored cross-site scripting vulnerability in the Create New Layer feature. Unsanitized user input is embedded into the HTML output, allowing arbitrary JavaScript execution when the layer is referenced. This issue affects pdfonline.foxit.com: before...

5.4CVSS5.9AI score0.00195EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/12/19 7:25 a.m.23 views

CVE-2025-66502 Foxit pdfonline.foxit.com Stored Cross-Site Scripting in Page Templates Feature

A stored cross-site scripting XSS vulnerability exists in pdfonline.foxit.com within the Page Templates feature. A crafted payload can be stored as the template name, which is later rendered into the DOM without proper sanitization. As a result, the injected script executes each time the affected...

6.3CVSS0.00147EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/12/19 7:23 a.m.27 views

CVE-2025-66501 Foxit pdfonline.foxit.com Stored Cross-Site Scripting in eSign Predefined Text Feature

A stored cross-site scripting XSS vulnerability exists in pdfonline.foxit.com within the Predefined Text feature of the Foxit eSign section. A crafted payload can be stored via the Identity “First Name” field, which is later rendered into the DOM without proper sanitization. As a result, the...

6.3CVSS0.0015EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/12/19 12:0 a.m.6 views

PT-2025-52429

A stored cross-site scripting XSS vulnerability exists in pdfonline.foxit.com within the Predefined Text feature of the Foxit eSign section. A crafted payload can be stored via the Identity “First Name” field, which is later rendered into the DOM without proper sanitization. As a result, the...

6.3CVSS5.8AI score0.0015EPSS
Exploits0References2
Rows per page
Query Builder