CVE-2024-48591 Information

Description

Inflectra SpiraTeam 7.2.00 is vulnerable to Cross Site Scripting (XSS). A specially crafted SVG file can be uploaded that will render and execute JavaScript upon direct viewing.

Reference

https://github.com/GCatt-AS/CVE-2024-48591