CNNVD-202512-2678 Information

CNNVD ID

CNNVD-202512-2678

Related CVE

CVE-2025-60786

• CNNVD Published: 2025-12-15

Description (Chinese)

iceScrum是法国iceScrum公司的一个项目管理软件。 iceScrum v7.54版本存在安全漏洞，该漏洞源于导入项目组件存在Zip Slip漏洞，可能导致执行任意代码。

Description (English)

IceScrum is a project management software for IceScrum. The EiceScrum v7.54 version has a security loophole, which stems from the Zip Slip gap in imported project components, which may lead to the implementation of any code.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

IceScrum

Published

2025-12-15

Last Modified

2026-02-24

References

https://www.icescrum.com/download/ https://zdaylabs.com/CVE-2025-60786.html https://access.redhat.com/security/cve/cve-2025-60786