15 matches found
EUVD-2025-7137
Malicious code in bioql PyPI...
EUVD-2025-7130
Malicious code in bioql PyPI...
CVE-2024-48591
Inflectra SpiraTeam 7.2.00 is vulnerable to Cross Site Scripting XSS. A specially crafted SVG file can be uploaded that will render and execute JavaScript upon direct viewing...
CVE-2024-48590
Inflectra SpiraTeam 7.2.00 is vulnerable to Server-Side Request Forgery SSRF via the NewsReaderService. This allows an attacker to escalate privileges and obtain sensitive information...
CVE-2024-48591
Inflectra SpiraTeam 7.2.00 is vulnerable to Cross Site Scripting XSS. A specially crafted SVG file can be uploaded that will render and execute JavaScript upon direct viewing...
CVE-2024-48590
Inflectra SpiraTeam 7.2.00 is vulnerable to Server-Side Request Forgery SSRF via the NewsReaderService. This allows an attacker to escalate privileges and obtain sensitive information...
CVE-2024-48590
Inflectra SpiraTeam 7.2.00 is vulnerable to Server-Side Request Forgery SSRF via the NewsReaderService. This allows an attacker to escalate privileges and obtain sensitive information...
CVE-2024-48590
Inflectra SpiraTeam 7.2.00 is vulnerable to Server-Side Request Forgery SSRF via the NewsReaderService. This allows an attacker to escalate privileges and obtain sensitive information...
CVE-2024-48590
Inflectra SpiraTeam 7.2.00 is affected by CVE-2024-48590 due to a Server-Side Request Forgery (SSRF) vulnerability in NewsReaderService. The underlying issue allows an attacker to perform SSRF, potentially escalating privileges and disclosing sensitive data. Evidence in connected sources confirms...
CVE-2024-48591
Inflectra SpiraTeam 7.2.00 is vulnerable to Cross Site Scripting XSS. A specially crafted SVG file can be uploaded that will render and execute JavaScript upon direct viewing...
Inflectra SpiraTeam 安全漏洞
Inflectra SpiraTeam is a project management software from Inflectra, Inc. It is used for the management and delivery of software development and testing projects. A security vulnerability exists in Inflectra SpiraTeam version 7.2.00, which stems from the fact that uploading specially crafted SVG...
CVE-2024-48591
Inflectra SpiraTeam 7.2.00 is vulnerable to Cross Site Scripting XSS. A specially crafted SVG file can be uploaded that will render and execute JavaScript upon direct viewing...
CVE-2024-48590
Inflectra SpiraTeam 7.2.00 is vulnerable to Server-Side Request Forgery SSRF via the NewsReaderService. This allows an attacker to escalate privileges and obtain sensitive information...
Inflectra SpiraTeam 安全漏洞
Inflectra SpiraTeam is a project management software from Inflectra, Inc. It is used for the management and delivery of software development and testing projects. A security vulnerability exists in Inflectra SpiraTeam version 7.2.00 that stems from NewsReaderService being vulnerable to a...
CVE-2024-48591
CVE-2024-48591 affects Inflectra SpiraTeam 7.2.00. The vulnerability is a Cross Site Scripting (XSS) flaw where uploading a specially crafted SVG file can be viewed to render and execute JavaScript in the user’s browser. The CVSS 3.1 base score is 6.1 (MEDIUM): Network attack vector, low attack c...