← voltar
CVE-2026-1592

Stored XSS via Create New Layer Field found in Foxit PDF Editor Cloud

CVSS 6.3 MEDIUMEPSS 0.2%CWE-79
Foxit PDF Editor Cloud (pdfonline) contains a stored cross-site scripting vulnerability in the Create New Layer feature. Unsanitized user input is embedded into the HTML output, allowing arbitrary JavaScript execution when the layer is referenced. This issue affects pdfonline.foxit.com: before 2026‑02‑03.
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:N
Produtos afetados
Foxit Software Inc. · pdfonline.foxit.com

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://www.foxit.com/support/security-bulletins.html