CVE-2025-66501 — ThreaTel

THREATEL Threat Intel

v0.1

CVE-2025-66501

MED 6.3

Published

2025-12-19

Last Modified

2025-12-23

Affected Apps

18

Affected Devices

46

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:N

A stored cross-site scripting (XSS) vulnerability exists in pdfonline.foxit.com within the Predefined Text feature of the Foxit eSign section. A crafted payload can be stored via the Identity “First Name” field, which is later rendered into the DOM without proper sanitization. As a result, the injected script may execute when predefined text is used or when viewing document properties.

Affected Applications in Environment 18

PDF Reader v2024.3.0.26795

PDF Reader v2024.2.3.25184

PDF Reader v2026.1.0.36452

PDF Reader v2025.2.0.33046

PDF Reader v12.1.0.15250

PDF Reader v2024.4.0.27683

PDF Reader v2023.2.0.21408

PDF Reader v2023.3.0.23028

PDF Reader v2025.3.0.35737

PDF Reader v12.0.1.12430

PDF Reader v12.0.0.12394

PDF Reader v2025.2.1.69005 (2025.2.0.68868)

PDF Reader v2025.2.1.33197

PDF Reader v2024.1.0.23997

PDF Reader v2025.2.1.69005

PDF Reader v2025.1.0.27937

PDF Reader v12.1.2.15332

Affected Devices 46

AIRPORT2312-02 Windows ATWOOD-453Z1G3 Windows COX12 Windows DESKTOP-15U41CQ Windows DESKTOP-2UD952N Windows DESKTOP-A27UL0P Windows DESKTOP-OMEN Windows DPEBIE-5171H8C Windows DPEDUC-L13245D2 Windows DPEECE-O5294VPL Windows DPEFSN-2H0KYD3 Windows DPEMAE-5171VCC Windows DPEMAE-7242KJS Windows DPEMAE-7242KKC Windows DPITED-A7242KKG Windows ENGL-RBW416-D06 Windows HELIOS Windows MICROFILM2000-H Windows MXL1172G4V-1877 Windows MXL1172G4W-1877 Windows MXL1172G4X-1877 Windows MXL1172G4Y-1877 Windows MXL1172G50-1877 Windows MXL1172G51-1877 Windows MXL1172G55-1877 Windows MXL1172G57-1877 Windows MXL1172G58-1877 Windows MXL1172G5D-1877 Windows MXL1172G5F-1877 Windows MXL1172G5G-1883 Windows MXL1172G5H-1877 Windows MXL1172G5J-1877 Windows MXL1172G5K-1877 Windows MXL1172G5N-1877 Windows MXL1172G5V-1877 Windows MXL1172G5Z-1877 Windows MXL1172G62-1877 Windows MXL1172G64-1877 Windows MXL1314RT5-1883 Windows MXL1314RTV-1883 Windows MXL1314RV3-1883 Windows SGOSNEYLAPTOP Windows SSWA-ATEM-D9010 Windows USULOAN257 Windows USULOAN386 Windows a02459287-GCN22J0PJ7 Mac

References 1

https://www.foxit.com/support/security-bulletins.html