CNNVD-202601-3293 Information

CNNVD ID

CNNVD-202601-3293

Related CVE

CVE-2025-66523

• CNNVD Published: 2026-01-20

Description (Chinese)

Foxit eSign是美国Foxit公司的一个电子签名服务软件。 Foxit eSign 2026‑01‑16之前版本存在安全漏洞，该漏洞源于URL参数未经适当编码或清理直接嵌入JavaScript代码或HTML属性，可能导致经过身份验证的用户访问特制链接时注入任意脚本。

Description (English)

Foxit eSign is an electronic signature service software of the United States company Foxit. The security loophole in the version of Foxit eSign 2026 â01 â16) arises from the fact that the URL parameter is not properly coded or clean-up directly embedded in JavaScript code or HTML attributes, which may result in any script being injected by an identified user when accessing a unique link.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

福昕

Published

2026-01-20

Last Modified

2026-02-24

References

https://www.foxit.com/support/security-bulletins.html