Security Advisory
CVE-2024-48590
CVE vulnerability detail — eXtreme Datacenter Security Operations
Description
Inflectra SpiraTeam 7.2.00 is vulnerable to Server-Side Request Forgery (SSRF) via the NewsReaderService. This allows an attacker to escalate privileges and obtain sensitive information.