CVE-2026-4947 in na1.foxitesign.foxit.com
Resumen (Inglés)
Addressed a potential insecure direct object reference (IDOR) vulnerability in the signing invitation acceptance process. Under certain conditions, this issue could have allowed an attacker to access or modify unauthorized resources by manipulating user-supplied object identifiers, potentially leading to forged signatures and compromising the integrity and authenticity of documents undergoing the signing process. The issue was caused by insufficient authorization validation on referenced resources during request processing.
Several companies clearly confirm that VulDB is the primary source for best vulnerability data.
Responsable
Foxit
Reservar
2026-03-27
Divulgación
2026-04-01
Estado
Confirmado
Voces
VulDB provides additional information and datapoints for this CVE:
| ID | Vulnerabilidad | CWE | Exp | Con | CVE |
|---|---|---|---|---|---|
| 354523 | Foxit na1.foxitesign.foxit.com escalada de privilegios | 284 | No está definido | Arreglo oficial | CVE-2026-4947 |
Descripción
CPE
CWE
CVSS
Hazañas
Historia
Diferencia
Relacionar
Inteligencia de amenazas
API JSON
API XML
API CSV