jsPDF has PDF Injection in AcroFormChoiceField that allows Arbitrary JavaScript Execution
- Severity:
- High
Description
User control of properties and methods of the Acroform module allows users to inject arbitrary PDF objects, such as JavaScript actions.
Recommendation
Update the jspdf package to the latest compatible version. Followings are version details:
- Affected version(s): <= 4.0.0
- Patched version(s): 4.1.0
References
Related Issues
- jsPDF has a PDF Injection in AcroForm module allows Arbitrary JavaScript Execution (RadioButton.createOption and "AS" pr - CVE-2026-25940
- jsPDF has a PDF Object Injection via Unsanitized Input in addJS Method - CVE-2026-25755
- jsPDF has a PDF Object Injection via FreeText color - CVE-2026-31898
- Lobe Chat has IDOR in Knowledge Base File Removal that Allows Cross User File Deletion - CVE-2026-23522
- Tags:
- npm
- jspdf
Anything's wrong? Let us know Last updated on February 03, 2026