Filtered by vendor Inflectra
Subscribe
Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-48590 | 1 Inflectra | 1 Spirateam | 2025-04-01 | N/A | 9.8 CRITICAL |
| Inflectra SpiraTeam 7.2.00 is vulnerable to Server-Side Request Forgery (SSRF) via the NewsReaderService. This allows an attacker to escalate privileges and obtain sensitive information. | |||||
| CVE-2024-48591 | 1 Inflectra | 1 Spirateam | 2025-04-01 | N/A | 6.1 MEDIUM |
| Inflectra SpiraTeam 7.2.00 is vulnerable to Cross Site Scripting (XSS). A specially crafted SVG file can be uploaded that will render and execute JavaScript upon direct viewing. | |||||