GCatt-AS - Security Researcher - Exploit Intelligence Platform

CVE-2024-48197 NOMISEC MEDIUM WRITEUP

Audiocodes MP-202b <4.4.3 - XSS

Cross Site Scripting vulnerability in Audiocodes MP-202b v.4.4.3 allows a remote attacker to escalate privileges via the login page of the web interface.

CVSS 4.7

View Code

CVE-2024-48590 NOMISEC CRITICAL WRITEUP

Inflectra Spirateam - SSRF

Inflectra SpiraTeam 7.2.00 is vulnerable to Server-Side Request Forgery (SSRF) via the NewsReaderService. This allows an attacker to escalate privileges and obtain sensitive information.

CVSS 9.8

View Code

CVE-2024-48591 NOMISEC MEDIUM WRITEUP

Inflectra Spirateam - XSS

Inflectra SpiraTeam 7.2.00 is vulnerable to Cross Site Scripting (XSS). A specially crafted SVG file can be uploaded that will render and execute JavaScript upon direct viewing.

CVSS 6.1

View Code