← Back

Icescrum

icescrum

Vendor: Kagilum • 2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
1Kagilum
1Icescrum
Jun 17, 2026
Dec 15, 2025
N/A· v4
8.8 HIGH· v3
N/A· v2
A Zip Slip vulnerability in the import a Project component of iceScrum v7.54 Pro On-prem allows attackers to execute arbitrary code via uploading a crafted Zip file.
1Kagilum
1Icescrum
Jun 17, 2026
Nov 3, 2025
N/A· v4
8.8 HIGH· v3
N/A· v2
A remote code execution (RCE) vulnerability in the Postgres Drivers component of iceScrum v7.54 Pro On-prem allows attackers to execute arbitrary code via a crafted HTML page.