CNNVD-202508-3032 Information

CNNVD ID

CNNVD-202508-3032

Related CVE

CVE-2025-35112

• CNNVD Published: 2025-08-26

Description (Chinese)

Agiloft是美国Agiloft公司的一个合同管理平台。 Agiloft存在安全漏洞，该漏洞源于XML外部实体注入，可能导致路径遍历。

Description (English)

Agiloft is a contract management platform for Agiloft in the United States. There is a security loophole in Agiloft, which originates from the injection of an outside XML entity, which could lead to a routing.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Agiloft

Published

2025-08-26

Last Modified

2026-02-24

References

https://www.cve.org/CVERecord?id=CVE-2025-35112 https://wiki.agiloft.com/display/HELP/What%27s+New%3A+CVE+Resolution https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/IT/white/2025/va-25-239-01.json https://nvd.nist.gov/vuln/detail/CVE-2025-35112