23 matches found
CVE-2021-41142
Tuleap Open ALM is a libre and open source tool for end to end traceability of application and system developments. There is a cross-site scripting vulnerability in Tuleap Community Edition prior to 12.11.99.25 and Tuleap Enterprise Edition 12.11-2. A malicious user with the capability to add and...
CVE-2021-41147
Tuleap Open ALM is a libre and open source tool for end to end traceability of application and system developments. Prior to version 11.16.99.173 of Community Edition and versions 11.16-6 and 11.15-8 of Enterprise Edition, an attacker with admin rights in one agile dashboard service can execute...
EUVD-2023-34991
Malicious code in bioql PyPI...
EUVD-2021-28261
Malicious code in bioql PyPI...
EUVD-2021-28262
Malicious code in bioql PyPI...
EUVD-2021-28259
Malicious code in bioql PyPI...
CVE-2023-30619
Tuleap Open ALM is a Libre and Open Source tool for end to end traceability of application and system developments. The title of an artifact is not properly escaped in the tooltip. A malicious user with the capability to create an artifact or to edit a field title could force victim to execute...
CVE-2021-41148
Tuleap Open ALM is a libre and open source tool for end to end traceability of application and system developments. Prior to version 11.16.99.173 of Community Edition and versions 11.16-6 and 11.15-8 of Enterprise Edition, an attacker with the ability to add one the CI widget to its personal...
Code injection
Tuleap Open ALM is a Libre and Open Source tool for end to end traceability of application and system developments. The title of an artifact is not properly escaped in the tooltip. A malicious user with the capability to create an artifact or to edit a field title could force victim to execute...
CVE-2023-30619 XSS in the tooltip via an artifact title
Tuleap Open ALM is a Libre and Open Source tool for end to end traceability of application and system developments. The title of an artifact is not properly escaped in the tooltip. A malicious user with the capability to create an artifact or to edit a field title could force victim to execute...
CVE-2023-30619 XSS in the tooltip via an artifact title
Tuleap Open ALM is a Libre and Open Source tool for end to end traceability of application and system developments. The title of an artifact is not properly escaped in the tooltip. A malicious user with the capability to create an artifact or to edit a field title could force victim to execute...
Enalean Tuleap Open Alm SQL injection vulnerability
Enalean Tuleap Open Alm is a free and open source tool from Enalean, France, for end-to-end traceability of application and system development. An SQL injection vulnerability exists in Enalean Tuleap Open Alm, which stems from the fact that Tuleap does not properly clean up user input when...
Enalean Tuleap Open Alm SQL injection vulnerability
Enalean Tuleap Open Alm is a free and open source tool from Enalean, France, for end-to-end traceability of application and system development. A SQL injection vulnerability exists in Tuleap Open Alm, which allows an attacker with read access to the SVN core repository to execute arbitrary SQL...
CVE-2021-41147
Tuleap Open ALM is a libre and open source tool for end to end traceability of application and system developments. Prior to version 11.16.99.173 of Community Edition and versions 11.16-6 and 11.15-8 of Enterprise Edition, an attacker with admin rights in one agile dashboard service can execute...
CVE-2021-41148
Tuleap Open ALM is a libre and open source tool for end to end traceability of application and system developments. Prior to version 11.16.99.173 of Community Edition and versions 11.16-6 and 11.15-8 of Enterprise Edition, an attacker with the ability to add one the CI widget to its personal...
SQL injection
Tuleap Open ALM is a libre and open source tool for end to end traceability of application and system developments. Prior to version 11.16.99.173 of Community Edition and versions 11.16-6 and 11.15-8 of Enterprise Edition, an attacker with the ability to add one the CI widget to its personal...
CVE-2021-41148 The update of the CI job targeted by a widget is vulnerable to blind SQL injections
Tuleap Open ALM is a libre and open source tool for end to end traceability of application and system developments. Prior to version 11.16.99.173 of Community Edition and versions 11.16-6 and 11.15-8 of Enterprise Edition, an attacker with the ability to add one the CI widget to its personal...
CVE-2021-41147 SQL injection in the planning edition panel
Tuleap Open ALM is a libre and open source tool for end to end traceability of application and system developments. Prior to version 11.16.99.173 of Community Edition and versions 11.16-6 and 11.15-8 of Enterprise Edition, an attacker with admin rights in one agile dashboard service can execute...
Enalean Tuleap Open Alm SQL injection vulnerability
Enalean Tuleap Open Alm is a free and open source tool from Enalean, France, for end-to-end traceability of application and system development. A SQL injection vulnerability exists in Community Edition version 11.16.99.173 and Enterprise Edition versions prior to 11.16-6 and 11.15-8 of Enalean Tuleap...
CVE-2021-41142
Tuleap Open ALM is a libre and open source tool for end to end traceability of application and system developments. There is a cross-site scripting vulnerability in Tuleap Community Edition prior to 12.11.99.25 and Tuleap Enterprise Edition 12.11-2. A malicious user with the capability to add and...