4 matches found
CVE-2025-12249
CVE-2025-12249 affects Axosoft Scrum and Bug Tracking 22.1.1.11545. The vulnerability lies in the Edit Ticket Page component where manipulating the Title argument enables CSV injection. Exploitation can be remote and the exploit is publicly available. Vendor has not responded. No public informati...
CVE-2025-11279
A vulnerability was detected in Axosoft Scrum and Bug Tracking 22.1.1.11545. This issue affects some unknown processing of the component Add Work Item Page. The manipulation of the argument Title results in csv injection. The attack can be launched remotely. The exploit is now public and may be...
CVE-2025-11279
The CVE-2025-11279 entry concerns Axosoft Scrum and Bug Tracking 22.1.1.11545. The vulnerability affects the Add Work Item Page, where manipulation of the Title argument leads to a CSV injection. It is a network-accessible issue with low privileges and low impact on confidentiality, integrity, an...
CVE-2025-11279 Axosoft Scrum and Bug Tracking Add Work Item csv injection
A vulnerability was detected in Axosoft Scrum and Bug Tracking 22.1.1.11545. This issue affects some unknown processing of the component Add Work Item Page. The manipulation of the argument Title results in csv injection. The attack can be launched remotely. The exploit is now public and may be...