Icescrum
by Severance
CVEs (2)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-60786 | 0.00 | — | 0.01 | Dec 15, 2025 | A Zip Slip vulnerability in the import a Project component of iceScrum v7.54 Pro On-prem allows attackers to execute arbitrary code via uploading a crafted Zip file. | |||
| CVE-2025-60785 | 0.00 | — | 0.01 | Nov 3, 2025 | A remote code execution (RCE) vulnerability in the Postgres Drivers component of iceScrum v7.54 Pro On-prem allows attackers to execute arbitrary code via a crafted HTML page. |
- CVE-2025-60786Dec 15, 2025risk 0.00cvss —epss 0.01
A Zip Slip vulnerability in the import a Project component of iceScrum v7.54 Pro On-prem allows attackers to execute arbitrary code via uploading a crafted Zip file.
- CVE-2025-60785Nov 3, 2025risk 0.00cvss —epss 0.01
A remote code execution (RCE) vulnerability in the Postgres Drivers component of iceScrum v7.54 Pro On-prem allows attackers to execute arbitrary code via a crafted HTML page.