CVE-2025-11279 🟡 Medium

CVE-2025-11279: Vulnerability in Axosoft Scrum and Bug Tracking

A vulnerability in Axosoft Scrum and Bug Tracking 22.1.1.11545 allows for csv injection via manipulation of the Title argument. The exploit is public.

CVE ID

CVE-2025-11279

CVSS Score

5.5

Vendor

unknown

Published

Oct 05

A vulnerability was detected in Axosoft Scrum and Bug Tracking 22.1.1.11545. This issue affects the Add Work Item Page component. The manipulation of the argument Title results in csv injection that can be exploited remotely. The vendor was contacted about this disclosure but did not respond.

Vulnerability Details

CVE ID: CVE-2025-11279
Severity: Medium
CVSS v3 Score: 5.5 / 10.0
Affected Vendor: unknown
Publication Date: October 05, 2025

External Resources

NIST NVD Database
MITRE CVE

Need Help?

Protect your infrastructure with our comprehensive security scanning tools.

Explore Security Scanners

Back to CVE Database