CVE-2025-60786

Description

A Zip Slip vulnerability in the import a Project component of iceScrum v7.54 Pro On-prem allows attackers to execute arbitrary code via uploading a crafted Zip file.

PUBLISHED Reserved 2025-09-26 | Published 2025-12-15 | Updated 2025-12-15 | Assigner mitre

References

www.icescrum.com/download/

zdaylabs.com/CVE-2025-60786.html

cve.org (CVE-2025-60786)

nvd.nist.gov (CVE-2025-60786)

Download JSON

Data based on CVE®. Copyright © 1999-2025, The MITRE Corporation. All rights reserved.