Spirateam Security Vulnerabilities and Issues — Spirateam CVE List

Lucene search

InflectraSpirateam

2 matches found

CVE•added 2025/03/20 2:15 p.m.•52 views

CVE-2024-48590

Inflectra SpiraTeam 7.2.00 is vulnerable to Server-Side Request Forgery (SSRF) via the NewsReaderService. This allows an attacker to escalate privileges and obtain sensitive information.

9.8CVSS7.1AI score0.02242EPSS

CVE•added 2025/03/20 3:15 p.m.•51 views

CVE-2024-48591

Inflectra SpiraTeam 7.2.00 is vulnerable to Cross Site Scripting (XSS). A specially crafted SVG file can be uploaded that will render and execute JavaScript upon direct viewing.

6.1CVSS6.6AI score0.00234EPSS