CVE-2025-6078

by Fred · 02/08/2025

Partner Software’s Partner Software application and Partner Web application allows an authenticated user to add notes on the ‘Notes’ page when viewing a job but does not completely sanitize input, making it possible to add notes with HTML tags and JavaScript, enabling an attacker to add a note containing malicious JavaScript, leading to stored XSS (cross-site scripting).

More information : https://partnersoftware.com/resources/software-release-info-4-32/

CVE-2025-6078

Similar

Recent Posts

Categories

CVE-2025-6078

Share this:

Similar

Recent Posts

Categories

Tags