Remote Code Execution Vulnerability in Postgres Drivers of iceScrum by iceScrum
CVE-2025-60785

Currently unrated

Key Information:

Vendor: iceScrum
Status: iceScrum v7.54 Pro On-prem
Vendor: CVE Published:; 3 November 2025

What is CVE-2025-60785?

A vulnerability in the Postgres Drivers component of iceScrum v7.54 Pro On-prem enables attackers to perform remote code execution. By exploiting this flaw, an attacker can execute arbitrary code on the server through a specially crafted HTML page. This raises serious security implications for users of the affected version, allowing potential unauthorized access and manipulation of system resources.

References

https://zdaylabs.com/CVE-2025-60785.html

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 3, 2025
Vulnerability Reserved
Sep 26, 2025

JSON