Cybersecuritynews
Foxit PDF Editor Vulnerabilities Enable Arbitrary JavaScript Execution
First seen 3 Feb 2026, 20:27 UTC
•

•86% similarity
•29.9
Share:
Export
Ask AI about this cluster
Analyzing cluster data...
Referenced clusters:
Something went wrong. Please try again.
Cluster AI
Ask questions about this threat cluster with AI-powered analysis.
Get Researcher $29.99/moArticle Content
Browse articles
Critical cross-site scripting (XSS) vulnerabilities were identified in Foxit PDF Editor Cloud, allowing attackers to execute arbitrary JavaScript code in users’ browsers. The vulnerabilities stem from insufficient input validation and improper output encoding in the application's File Attachments list and Layers panel, potentially leading to privilege escalation and cross-domain data theft. Foxit has responded by implementing comprehensive input validation.
ThreatCluster AI