exploitDog

GHSA-whf8-w5vj-q4w6

Опубликовано: 20 мар. 2025

Источник: github

Github: Не прошло ревью

CVSS3: 6.1

Описание

Inflectra SpiraTeam 7.2.00 is vulnerable to Cross Site Scripting (XSS). A specially crafted SVG file can be uploaded that will render and execute JavaScript upon direct viewing.

Inflectra SpiraTeam 7.2.00 is vulnerable to Cross Site Scripting (XSS). A specially crafted SVG file can be uploaded that will render and execute JavaScript upon direct viewing.

Ссылки

EPSS

Процентиль: 41%

0.00188

Низкий

6.1 Medium

CVSS3

CVE ID

Дефекты

CWE-79

Связанные уязвимости

CVE-2024-48591

CVSS3: 6.1

nvd

11 месяцев назад

Inflectra SpiraTeam 7.2.00 is vulnerable to Cross Site Scripting (XSS). A specially crafted SVG file can be uploaded that will render and execute JavaScript upon direct viewing.

EPSS

Процентиль: 41%

0.00188

Низкий

6.1 Medium

CVSS3

CVE ID

Дефекты

CWE-79