CVE-2025-11279 | Axosoft Scrum and Bug Tracking 22.1.1.11545 Add Work Item Page Title csv injection

Inserito da Angelo Barbosa | Ott 4, 2025 | CVE

A vulnerability classified as critical was found in Axosoft Scrum and Bug Tracking 22.1.1.11545. This issue affects some unknown processing of the component Add Work Item Page. The manipulation of the argument Title results in csv injection.

This vulnerability is reported as CVE-2025-11279. The attack can be launched remotely. Moreover, an exploit is present.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2025-11279 | Axosoft Scrum and Bug Tracking 22.1.1.11545 Add Work Item Page Title csv injection

Post correlati

CVE-2025-26411 | Wattsense Bridge prior 6.1.0 Plugin Manager unrestricted upload

CVE-2024-20748 | Adobe Acrobat 2020 out-of-bounds (apsb24-07)

CVE-2024-33043 | Qualcomm Snapdragon Auto up to Vision Int Program Service Name Length buffer over-read

CVE-2024-5523 | Astrotalks 03-10-2023 searchString sql injection