CVE-2026-1592

Medium CVSS: 6.3

Foxit PDF Editor Cloud (pdfonline) contains a stored cross-site scripting vulnerability in the Create New Layer feature. Unsanitized user input is embedded into the HTML output, allowing arbitrary JavaScript execution when the layer is referenced.

This issue affects pdfonline.foxit.com: before 2026‑02‑03.

Vendor

Foxit

Product

Pdf Editor Cloud

CWE

CWE-79

Yayın Tarihi

2026-02-03 08:16:15

Güncelleme

2026-02-18 16:08:28

Source Identifier

14984358-7092-470d-8f34-ade47a7658a2

KEV Date Added

Kategoriler

CWE-79 Pdf Editor Cloud MEDIUM Foxit 2026

Referanslar

https://www.foxit.com/support/security-bulletins.html

Benzer Kayıtlar

Medium

CVE-2026-1591

Foxit PDF Editor Cloud (pdfonline) contains a stored cross-site scripting vulnerability in the file upload feature. A ma…

Medium

CVE-2025-66520

A stored cross-site scripting (XSS) vulnerability exists in the Portfolio feature of the Foxit PDF Editor cloud (pdfonli…

Medium

CVE-2025-66521

A stored cross-site scripting (XSS) vulnerability exists in pdfonline.foxit.com within the Trusted Certificates feature.…

Medium

CVE-2025-66522

A stored cross-site scripting (XSS) vulnerability exists in the Digital IDs functionality of the Foxit PDF Editor Cloud…

Medium

CVE-2025-66501

A stored cross-site scripting (XSS) vulnerability exists in pdfonline.foxit.com within the Predefined Text feature of th…

Medium

CVE-2025-66502

A stored cross-site scripting (XSS) vulnerability exists in pdfonline.foxit.com within the Page Templates feature. A cra…