PT-2026-6048 · Foxit · Foxit Pdf Editor Cloud
Novee
·
Published
2026-02-03
·
Updated
2026-02-04
·
CVE-2026-1592
CVSS v3.1
6.3
Medium
| Vector | AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
Foxit PDF Editor Cloud (pdfonline) versions prior to 2026-02-03
Description
Foxit PDF Editor Cloud (pdfonline) has a stored cross-site scripting issue in the Create New Layer feature. The application embeds unsanitized user input into the HTML output, which can lead to arbitrary JavaScript execution when the layer is referenced.
Recommendations
Update Foxit PDF Editor Cloud (pdfonline) to a version released on or after 2026-02-03.
Fix
XSS
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Foxit Pdf Editor Cloud