216.73.217.176

CVE-2025-6078

· Published 02/08/2025 03:15 · Modified 02/08/2025 03:15

Labels: CVE-2025-6078 2025-08-02CVE-2025-6078[email protected]

Essential information

Published
02/08/2025 03:15
Modified
02/08/2025 03:15
Author
Creator
CISA KEV
No
CWE

Description

Partner Software's Partner Software application and Partner Web application allows an authenticated user to add notes on the 'Notes' page when viewing a job but does not completely sanitize input, making it possible to add notes with HTML tags and JavaScript, enabling an attacker to add a note containing malicious JavaScript, leading to stored XSS (cross-site scripting).

NVD status

Status
Received — CVE has been recently published to the CVE List and has been received by the NVD.
Source
[email protected]
NVD
View on NVD

Affected products (CPE)

ProductCPE
partner software / partner software cpe:2.3:a:partner_software:partner_software:*:*:*:*:*:*:*:*
partner software / partner web application cpe:2.3:a:partner_software:partner_web_application:*:*:*:*:*:*:*:*

References