Foxit Pdf Editor Cloud — known CVE vulnerabilities
Every CVE whose affected-product data names Foxit Pdf Editor Cloud, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (9)
CVE-2025-66500 — CVSS 6.3 (medium): A stored cross-site scripting (XSS) vulnerability exists in webplugins.foxit.com. A postMessage handler fails to validate the message…
CVE-2025-66501 — CVSS 6.3 (medium): A stored cross-site scripting (XSS) vulnerability exists in pdfonline.foxit.com within the Predefined Text feature of the Foxit eSign…
CVE-2025-66502 — CVSS 6.3 (medium): A stored cross-site scripting (XSS) vulnerability exists in pdfonline.foxit.com within the Page Templates feature. A crafted payload can be…
CVE-2025-66519 — CVSS 6.3 (medium): A stored cross-site scripting (XSS) vulnerability exists in pdfonline.foxit.com within the Layer Import functionality. A crafted payload…
CVE-2025-66520 — CVSS 6.3 (medium): A stored cross-site scripting (XSS) vulnerability exists in the Portfolio feature of the Foxit PDF Editor cloud (pdfonline.foxit.com)…
CVE-2025-66521 — CVSS 6.3 (medium): A stored cross-site scripting (XSS) vulnerability exists in pdfonline.foxit.com within the Trusted Certificates feature. A crafted payload…
CVE-2025-66522 — CVSS 6.3 (medium): A stored cross-site scripting (XSS) vulnerability exists in the Digital IDs functionality of the Foxit PDF Editor Cloud…
CVE-2026-1591 — CVSS 6.3 (medium): Foxit PDF Editor Cloud (pdfonline) contains a stored cross-site scripting vulnerability in the file upload feature. A malicious username is…
CVE-2026-1592 — CVSS 6.3 (medium): Foxit PDF Editor Cloud (pdfonline) contains a stored cross-site scripting vulnerability in the Create New Layer feature. Unsanitized user…