CVE-2026-4947

Name of the Vulnerable Software and Affected Versions Foxit eSign (affected versions not specified)

Description A potential insecure direct object reference (IDOR) vulnerability was addressed in the signing invitation acceptance process. Under certain conditions, this issue could have allowed an attacker to access or modify unauthorized resources by manipulating user-supplied object identifiers, potentially leading to forged signatures and compromising the integrity and authenticity of documents undergoing the signing process. The issue was caused by insufficient authorization validation on referenced resources during request processing.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.