CVE-2025-6078

Name of the Vulnerable Software and Affected Versions Partner Software's Partner Software application and Partner Web application (affected versions not specified)

Description The application does not completely sanitize input on the 'Notes' page when viewing a job, allowing an authenticated user to add notes containing HTML tags and JavaScript. This can lead to stored cross-site scripting (XSS) where an attacker adds a note containing malicious JavaScript.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.