CNNVD-202510-1440 Information

CNNVD ID

CNNVD-202510-1440

Related CVE

CVE-2025-60378

• CNNVD Published: 2025-10-10

Description (Chinese)

RISE Ultimate Project Manager & CRM是RISE公司的一套项目管理系统。 RISE Ultimate Project Manager & CRM存在安全漏洞，该漏洞源于认证用户可在发票和消息中注入任意HTML，可能导致钓鱼攻击、凭据窃取和商业邮件泄露。

Description (English)

RISE Ultimate Project Manager & CRM is a project management system for RISE. RISE Ultimate Project Manager & CRM has a security loophole, which stems from the fact that certified users can inject any type of HTML into invoices and messages, which may lead to fishing attacks, document theft and commercial mail leaks.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Rise

Published

2025-10-10

Last Modified

2026-02-24

References

http://rise.com https://github.com/ajansha/CVE-2025-60378