216.73.217.176

CVE-2026-1592

· Published 03/02/2026 08:16 · Modified 03/02/2026 16:44

Labels: CVE-2026-1592 14984358-7092-470d-8f34-ade47a7658a22026-02-03CVE-2026-1592CWE-79

Essential information

Published
03/02/2026 08:16
Modified
03/02/2026 16:44
Author
Creator
CVSS
6.3 MEDIUM (v3.1)
CISA KEV
No
CWE
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:N

CVSS metrics

Description

Foxit PDF Editor Cloud (pdfonline) contains a stored cross-site scripting vulnerability in the Create New Layer feature. Unsanitized user input is embedded into the HTML output, allowing arbitrary JavaScript execution when the layer is referenced. This issue affects pdfonline.foxit.com: before 2026‑02‑03.

NVD status

Status
Undergoing Analysis — CVE has been recently published to the CVE List and has been received by the NVD.
Source
14984358-7092-470d-8f34-ade47a7658a2
NVD
View on NVD

Affected products (CPE)

ProductCPE
foxit software / foxit pdf editor cloud cpe:2.3:a:foxit_software:foxit_pdf_editor_cloud:*:*:*:*:*:*:*:*

References