exploitDog

GHSA-jv72-wxjv-h5q2

Опубликовано: 20 янв. 2026

Источник: github

Github: Не прошло ревью

CVSS3: 6.1

Описание

URL parameters are directly embedded into JavaScript code or HTML attributes without proper encoding or sanitization. This allows attackers to inject arbitrary scripts when an authenticated user visits a crafted link.

This issue affects na1.foxitesign.foxit.com: before 2026‑01‑16.

URL parameters are directly embedded into JavaScript code or HTML attributes without proper encoding or sanitization. This allows attackers to inject arbitrary scripts when an authenticated user visits a crafted link.

This issue affects na1.foxitesign.foxit.com: before 2026‑01‑16.

Ссылки

EPSS

Процентиль: 9%

0.00031

Низкий

6.1 Medium

CVSS3

CVE ID

Дефекты

CWE-79

Связанные уязвимости

CVE-2025-66523

CVSS3: 6.1

nvd

19 дней назад

URL parameters are directly embedded into JavaScript code or HTML attributes without proper encoding or sanitization. This allows attackers to inject arbitrary scripts when an authenticated user visits a crafted link. This issue affects na1.foxitesign.foxit.com: before 2026‑01‑16.

EPSS

Процентиль: 9%

0.00031

Низкий

6.1 Medium

CVSS3

CVE ID

Дефекты

CWE-79