Skip to main content

Spirateam

2 CVEs product

Monthly

CVE-2024-48591 MEDIUM This Month

Inflectra SpiraTeam 7.2.00 is vulnerable to Cross Site Scripting (XSS). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Spirateam
NVD GitHub
CVSS 3.1
6.1
EPSS
0.2%
CVE-2024-48590 CRITICAL Act Now

Inflectra SpiraTeam 7.2.00 is vulnerable to Server-Side Request Forgery (SSRF) via the NewsReaderService. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SSRF Spirateam
NVD GitHub
CVSS 3.1
9.8
EPSS
2.3%
EPSS 0% CVSS 6.1
MEDIUM This Month

Inflectra SpiraTeam 7.2.00 is vulnerable to Cross Site Scripting (XSS). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Spirateam
NVD GitHub
EPSS 2% CVSS 9.8
CRITICAL Act Now

Inflectra SpiraTeam 7.2.00 is vulnerable to Server-Side Request Forgery (SSRF) via the NewsReaderService. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SSRF Spirateam
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy