Tuleap 跨站请求伪造漏洞

Tuleap is an open source suite from Enalean Open Source designed to improve the management of software development and collaboration. Tuleap suffers from a cross-site request forgery vulnerability that stems from missing CSRF protection in the tracker view, which could lead to a victim submitting...

PT-2025-13786 · Tuleap · Tuleap

Name of the Vulnerable Software and Affected Versions: Tuleap versions prior to 16.5.99.1741784483 Tuleap Enterprise Edition versions prior to 16.5-3 and 16.4-8 Description: The issue is related to missing CSRF protections on artifact submission and edition from the tracker view. An attacker coul...