CVE-2025-66523 in Foxit na1.foxitesign.foxit.cominfo

Summary

URL parameters are directly embedded into JavaScript code or HTML attributes without proper encoding or sanitization. This allows attackers to inject arbitrary scripts when an authenticated user visits a crafted link. This issue affects na1.foxitesign.foxit.com: before 2026‑01‑16.

Responsible

Foxit

Reservation

12/04/2025

Disclosure

01/20/2026

Entries

VulDB provides additional information and datapoints for this CVE:

ID	Vulnerability	CWE	Exp	Cou	CVE
341930	Foxit na1.foxitesign.foxit.com HTML Attribute HTML injection	79	Not defined	Official fix	CVE-2025-66523

Description

CPE

CWE

CVSS

Exploits

History

Diff

Relate

Threat Intelligence

API JSON

API XML

API CSV

◂ PreviousOverviewNext ▸

Want to stay up to date on a daily basis?

Enable the mail alert feature now!