CVE-2026-1592
Stored XSS via Create New Layer Field found in Foxit PDF Editor Cloud
Foxit PDF Editor Cloud (pdfonline) contains a stored cross-site scripting vulnerability in the Create New Layer feature. Unsanitized user input is embedded into the HTML output, allowing arbitrary JavaScript execution when the layer is referenced.
This issue affects pdfonline.foxit.com: before 2026‑02‑03.
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:N
Productos afectados
Foxit Software Inc. · pdfonline.foxit.com¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →