CVE-2025-66523
EUVD-2026-346320.01.2026, 07:15
URL parameters are directly embedded into JavaScript code or HTML attributes without proper encoding or sanitization. This allows attackers to inject arbitrary scripts when an authenticated user visits a crafted link. This issue affects na1.foxitesign.foxit.com: before 2026‑01‑16.
Awaiting analysis
This vulnerability is currently awaiting analysis.