CVE-2025-66521

Name of the Vulnerable Software and Affected Versions Foxit PDF Online (affected versions not specified)

Description A stored cross-site scripting (XSS) issue exists in the Trusted Certificates feature of pdfonline.foxit.com. A malicious payload can be injected as the certificate name. This injected script then executes whenever the Trusted Certificates view is loaded because the data is rendered into the Document Object Model (DOM) without sufficient sanitization.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.