=== jsPDF Variant Analysis ===
GHSA-p5xg-68wr-hm3m / CVE-2026-25940

==========================================
BYPASS VERIFICATION TESTS
==========================================

--- Test 1: child.value bypass ---

[VULN-v4.0.0] Running test_bypass_value.js...
BYPASS TEST (child.value):
  - Unescaped payload in PDF: true
  - Alert code present: true
  - /V key present: true
RESULT: BYPASS CONFIRMED - Payload injected successfully!
STATUS: VULNERABLE (exploit worked)

[FIXED-v4.2.0] Running test_bypass_value.js...
BYPASS TEST (child.value):
  - Unescaped payload in PDF: true
  - Alert code present: true
  - /V key present: true
RESULT: BYPASS CONFIRMED - Payload injected successfully!
STATUS: VULNERABLE (exploit worked)

--- Test 2: child.defaultValue bypass ---

[VULN-v4.0.0] Running test_bypass_defaultvalue.js...
BYPASS TEST (child.defaultValue):
  - Unescaped payload in PDF: true
  - Alert code present: true
RESULT: BYPASS CONFIRMED - Payload injected successfully!
STATUS: VULNERABLE (exploit worked)

[FIXED-v4.2.0] Running test_bypass_defaultvalue.js...
BYPASS TEST (child.defaultValue):
  - Unescaped payload in PDF: true
  - Alert code present: true
RESULT: BYPASS CONFIRMED - Payload injected successfully!
STATUS: VULNERABLE (exploit worked)

--- Test 3: child.appearanceState (should be fixed) ---

[VULN-v4.0.0] Running test_fixed_appearancestate.js...
FIXED TEST (child.appearanceState):
  - Unescaped payload in PDF: true
  - Hex-escaped payload (expected): false
RESULT: VULNERABLE - Fix not working
STATUS: VULNERABLE (exploit worked)

[FIXED-v4.2.0] Running test_fixed_appearancestate.js...
FIXED TEST (child.appearanceState):
  - Unescaped payload in PDF: false
  - Hex-escaped payload (expected): true
RESULT: SECURE - Payload properly escaped
STATUS: SECURE (exploit blocked)

==========================================
SUMMARY
==========================================

Vulnerable Version (v4.0.0):
  - child.value bypass: VULNERABLE
  - child.defaultValue: VULNERABLE
  - child.appearanceState: VULNERABLE

Fixed Version (v4.2.0):
  - child.value bypass: BYPASS WORKS!
  - child.defaultValue: BYPASS WORKS!
  - child.appearanceState: BLOCKED

[!] BYPASS CONFIRMED: The fix is incomplete!

See: /root/.pruva/runs/ghsa-p5xg-68wr-hm3m_20260219-204839/logs/variant_results.txt