CVE-2025-6078

Partner Software's Partner Software application and Partner Web application allows an authenticated user to add notes on the 'Notes' page when viewing a job but does not completely sanitize input, making it possible to add notes with HTML tags and JavaScript, enabling an attacker to add a note containing malicious JavaScript, leading to stored XSS (cross-site scripting).

N/A

N/A

Partner Software和Partner Software Partner Web 安全漏洞

Partner Software和Partner Software Partner Web都是美国Partner Software公司的产品。Partner Software是一款地理信息系统应用。Partner Software Partner Web是一款提供报告上审阅的Web后台系统。 Partner Software和Partner Software Partner Web存在安全漏洞，该漏洞源于输入清理不足，可能导致存储型跨站脚本攻击。

N/A

N/A