GCatt-AS

3 exploits Active since Jan 2025
CVE-2024-48197 NOMISEC MEDIUM WRITEUP
Audiocodes MP-202b 4.4.3 - Cross-Site Scripting via Login Page
Cross Site Scripting vulnerability in Audiocodes MP-202b v.4.4.3 allows a remote attacker to escalate privileges via the login page of the web interface.
CVSS 4.7
CVE-2024-48590 NOMISEC CRITICAL WRITEUP
Inflectra SpiraTeam 7.2.00 - Server-Side Request Forgery via NewsReaderService
Inflectra SpiraTeam 7.2.00 is vulnerable to Server-Side Request Forgery (SSRF) via the NewsReaderService. This allows an attacker to escalate privileges and obtain sensitive information.
CVSS 9.8
CVE-2024-48591 NOMISEC MEDIUM WRITEUP
Inflectra SpiraTeam 7.2.00 - Stored Cross-Site Scripting via SVG File Upload
Inflectra SpiraTeam 7.2.00 is vulnerable to Cross Site Scripting (XSS). A specially crafted SVG file can be uploaded that will render and execute JavaScript upon direct viewing.
CVSS 6.1