Foxit PDF cloud services, such as Foxit PDF Editor Cloud, are browser-based PDF solutions that provide a full-featured platform for viewing, creating, editing, annotating, organizing, converting, securing, exporting, and signing PDF documents and forms.

Novee’s analysis — powered by specialized AI agents — led to the discovery of 16 vulnerabilities across Apryse and Foxit products. One critical and two high-severity vulnerabilities were found in Apryse products, and two high-severity and 11 medium-severity issues were identified in Foxit products.

The list of flaws includes DOM XSS, SSRF, stored and reflected XSS, path traversal, and OS command injection vulnerabilities.

Novee’s tests demonstrated that attackers could have exploited the flaws via specially crafted documents, URLs, or messages to execute arbitrary code or commands.

“Several vulnerabilities were exploitable with a single request and affected trusted domains commonly embedded inside enterprise applications,” the security firm explained.

The researchers showed that, where a PDF viewer is embedded in an authenticated application, an attacker could have leveraged the XSS flaws for account takeover. An attacker could also have exploited the weaknesses to exfiltrate sensitive document or user data, manipulate documents, or achieve persistent compromise using payloads that survive page refreshes.

“From a defender’s perspective, this means that a component long assumed to be low risk can quietly become a high-impact attack surface,” Novee said.

SecurityWeek has reached out to both Foxit and Apryse for comment.

Hongtao Huang, Group SDE, Product Security, Foxit, stated:

“Foxit takes product security seriously and maintains an active responsible disclosure program for exactly this reason. When Novee Security Research identified these vulnerabilities and brought them to our attention, our security team engaged immediately. We worked collaboratively with Novee through the full remediation process and have published detailed updates through our Trust Center.

We appreciate Novee’s professionalism and thoroughness throughout this process. This is responsible disclosure working exactly as it should. Foxit remains committed to ongoing transparency with the security research community and our customers.”

Stan Kornacki, Vice President of IT and CISO, Apryse, commented:

“The issues referenced in Novee’s upcoming research were responsibly reported and have been addressed through product updates, documentation improvements, and strengthened default configurations.

We expect these types of issues to be infrequent, but when they appear, we address them promptly and thoroughly, keeping all parties informed throughout the process.

Our vulnerability management processes are comprehensive — designed not just to remediate vulnerabilities but to assess potential data impact, test for unintended behavior, and ensure every release meets the high standard of code quality our customers deserve.”
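The account-takeover scenario the researchers describe turns on where the embedded viewer runs relative to the host application: a viewer served from the host's own origin, or framed without a sandbox, lets an XSS in the viewer act with the user's session, while a cross-origin, sandboxed viewer whose messages are origin-checked keeps the damage inside the frame. The following is an added example, not code from the article or from Novee, Foxit or Apryse. It is a host-side check for a third-party viewer embed, written in JavaScript and runnable under Node; every URL, origin, sandbox token set and message name in it is constructed for illustration.

```javascript
// Added example, not code from the SecurityWeek article, Novee, Foxit or Apryse.
// Host-side checks for embedding a third-party PDF viewer in an authenticated
// web application. Every URL, origin, sandbox policy and message name below is
// constructed for illustration.

function originOf(u) {
  return new URL(u).origin;
}

// Rate the blast radius of a script-injection bug inside the embedded viewer.
// `sandbox` is the iframe's sandbox attribute value, or null when absent.
function assessEmbed(hostPageUrl, viewerUrl, sandbox = null) {
  const host = originOf(hostPageUrl);
  const viewer = originOf(viewerUrl);
  const tokens = sandbox === null ? null : sandbox.trim().split(/\s+/).filter(Boolean);
  const findings = [];

  if (host === viewer) {
    // Same origin: the viewer's document.cookie (minus HttpOnly), localStorage
    // and credentialed fetch() calls belong to the host application. An XSS in
    // the viewer is therefore an XSS in the host, with the user's session attached.
    findings.push("same-origin embed: viewer XSS inherits the host session");
  }
  if (tokens === null) {
    findings.push("viewer iframe has no sandbox attribute");
  } else if (tokens.includes("allow-same-origin")) {
    if (host === viewer && tokens.includes("allow-scripts")) {
      // A same-origin frame holding both flags can reach the parent document
      // and strip its own sandbox attribute, so the sandbox contains nothing.
      findings.push("same-origin frame with allow-scripts and allow-same-origin can remove its own sandbox");
    } else {
      findings.push("allow-same-origin keeps the viewer's real origin, so its cookies and storage stay reachable to injected script");
    }
  }

  // Policy used by this example: the viewer counts as isolated only when it is
  // served from a different origin AND runs in a sandbox that withholds
  // allow-same-origin, which gives its scripts an opaque origin.
  const isolated = host !== viewer && tokens !== null && !tokens.includes("allow-same-origin");
  return { hostOrigin: host, viewerOrigin: viewer, isolated, findings };
}

// Emit the iframe the host page should render. The sandbox token set is this
// example's choice; a real viewer may need allow-popups as well.
function viewerIframeHtml(viewerUrl) {
  const u = new URL(viewerUrl);
  if (u.protocol !== "https:") {
    throw new Error("viewer must be loaded over https, got " + u.protocol);
  }
  const sandbox = "allow-scripts allow-forms allow-downloads";
  const src = u.href.replace(/&/g, "&amp;").replace(/"/g, "&quot;");
  return `<iframe src="${src}" sandbox="${sandbox}" referrerpolicy="no-referrer"></iframe>`;
}

// Host-side handler for viewer -> host postMessage traffic. It accepts only the
// configured viewer origin and a fixed set of event names; a wildcard origin
// check here would let a compromised viewer, or any page that frames the host,
// trigger host-side actions under the user's session.
function makeViewerMessageHandler(expectedViewerOrigin, onEvent) {
  const allowedTypes = new Set(["document:loaded", "annotation:saved"]); // constructed names
  return function handle(event) {
    if (event.origin !== expectedViewerOrigin) {
      return { accepted: false, reason: "origin" };
    }
    const data = event.data;
    if (!data || typeof data !== "object" || !allowedTypes.has(data.type)) {
      return { accepted: false, reason: "type" };
    }
    onEvent(data);
    return { accepted: true, reason: null };
  };
}

// Constructed inputs: a host app and a viewer served from a separate vendor origin.
const report = assessEmbed(
  "https://app.example.com/docs/42",
  "https://viewer.example-cdn.net/embed?doc=42",
  "allow-scripts allow-forms allow-downloads"
);
console.log(report.isolated ? "isolated" : "NOT isolated", report.findings);
```

In a browser the handler is registered with `window.addEventListener("message", makeViewerMessageHandler(viewerOrigin, onEvent))`. Withholding allow-same-origin breaks viewers that rely on their own cookies or localStorage; if the vendor's viewer needs that token, the compensating controls are that it stays on an origin separate from the host and that the host accepts messages only from that origin.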
Source: SecurityWeek