Foxit PDF Viewer XSS Vulnerability

MEDIUM (6.3) No Patch

Threat Intelligence

Low Risk
🔍 Detection Tools: None available in major open-source tools
⚔️ Exploit Availability: No public exploits found


What is it?

The Foxit PDF Viewer is a software component used to display and interact with PDF files. This vulnerability allows attackers to inject malicious scripts into the Trusted Certificates feature of the Foxit PDF Viewer, which can be executed when the user views the certificate list.

Am I affected?

You're affected if you use Foxit PDF Viewer version 9.3.0 or earlier (not specified in advisory). Check with: grep "FoxitPDFViewer" /usr/lib/foxit/pdfview (Linux) or grep "FoxitPDFViewer" C:\Program Files\Foxit\FOXIT PDF Viewer\FOXITPDFVIEWER.EXE (Windows)

Note: This vulnerability is not related to the Foxit PDF Editor, which has a different CVE.
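A more reliable way to answer the "Am I affected?" question on Windows is to read the product version embedded in the viewer executable and compare it against the first fixed release. The snippet below is an added example, not part of the advisory; it assumes the install path the page lists and the 9.3.1 fix version the page gives, and that Foxit stamps the product version into the executable's version resource.

```powershell
# Added example (not from the advisory). Assumes the install path quoted on the page
# and that the executable carries a standard Windows version resource.
$ExePath      = 'C:\Program Files\Foxit\FOXIT PDF Viewer\FOXITPDFVIEWER.EXE'
$FixedVersion = [version]'9.3.1'   # first release the page lists as patched

function Test-FoxitViewerAffected {
    param(
        [string]  $Path  = $ExePath,
        [version] $Fixed = $FixedVersion
    )

    if (-not (Test-Path -LiteralPath $Path)) {
        # Nothing installed at the expected location: not affected via this install path.
        return [pscustomobject]@{ Installed = $false; Version = $null; Affected = $false }
    }

    $raw = (Get-Item -LiteralPath $Path).VersionInfo.ProductVersion
    # ProductVersion strings may carry build suffixes; keep only the leading dotted number.
    $numeric   = ($raw -split '[^0-9.]')[0]
    $installed = [version]$numeric

    [pscustomobject]@{
        Installed = $true
        Version   = $installed
        Affected  = ($installed -lt $Fixed)   # anything below 9.3.1 is in the affected range
    }
}

Test-FoxitViewerAffected
```

Run it in a PowerShell session on the endpoint; `Affected = True` means the installed build predates the fixed version and the upgrade in "How to fix" applies. If Foxit is installed elsewhere, pass the actual path with `-Path`.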

Affected Products

Foxit Software / Foxit PDF Viewer

How to fix

  1. Upgrade to Foxit PDF Viewer version 9.3.1 or later from the official website: https://www.foxit.com/support/downloads.html#pdfviewer
  2. Immediate mitigations:
     - Disable JavaScript in the Trusted Certificates view (this may break some functionality)
     - Use a different viewer that is not vulnerable to this XSS attack
