CNNVD-202510-3607 Information

CNNVD ID

CNNVD-202510-3607

Related CVE

CVE-2025-12249

• CNNVD Published: 2025-10-27

Description (Chinese)

Axosoft Scrum and Bug Tracking是美国Axosoft公司的一个敏捷项目管理与缺陷跟踪软件。 Axosoft Scrum and Bug Tracking 22.1.1.11545版本存在安全漏洞，该漏洞源于对组件Edit Ticket Page中参数Title的错误操作，可能导致csv注入攻击。

Description (English)

Axosoft Scrum and Bug Tracking is an agile project management and bug tracking software for Axosoft in the United States. The Axosoft Scrum and Bug Tracking 22.1.11545 contains a security loophole, which stems from a mishandling of Title, the parameter in component Edit Ticket Page, which may result in an injection attack on csv.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Axosoft

Published

2025-10-27

Last Modified

2026-02-24

References

https://drive.google.com/file/d/1EtmG4IyNQO7VStycpkSl9iivURrYQBSD/view?usp=sharing https://vuldb.com/?ctiid.329920 https://vuldb.com/?id.329920 https://vuldb.com/?submit.673851