CNNVD-202510-2465 Information

Oct 17, 2025 cve

CNNVD ID

CNNVD-202510-2465

CVE-2025-56320

CNNVD Published: 2025-10-17

Description (Chinese)

Cobblestone Enterprise Contract Management Software是美国Cobblestone公司的一个企业合同管理软件。 Cobblestone Enterprise Contract Management Software 22.4.0版本存在安全漏洞，该漏洞源于聊天框组件存在存储型跨站脚本，可能导致执行任意代码。

Description (English)

Cobblestone Enterprise Management Software is an enterprise contract management software of Cobblestone, United States. There is a security loophole in version 22.4.0 of Cobblestone Enterprise Construction Management Software, which stems from the existence of a storage cross-site script of the chat box component, which may result in the execution of any code.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Cobblestone

Published

2025-10-17

Last Modified

2026-02-24

References

http://cobblestone.com https://medium.com/@rajput.thakur/stored-xss-in-chat-box-component-cve-2025-56320-87fb10d809e2 http://enterprise.com https://access.redhat.com/security/cve/cve-2025-56320

Share on: