CVE-2023-30619

Tuleap Open ALM is a Libre and Open Source tool for end to end traceability of application and system developments. The title of an artifact is not properly escaped in the tooltip. A malicious user with the capability to create an artifact or to edit a field title could force victim to execute...

Enalean Tuleap 跨站脚本漏洞

Enalean Tuleap is a free and open source tool from the French company Enalean. For end-to-end traceability of application and system development. A cross-site scripting vulnerability exists in Enalean Tuleap Community Edition prior to 16.1.99.50 and Enalean Tuleap Enterprise Edition prior to 16.1...

PT-2024-35395 · Unknown · Tuleap Community Edition +1

Name of the Vulnerable Software and Affected Versions: Tuleap Community Edition versions prior to 16.1.99.50 Tuleap Enterprise Edition versions prior to 16.1-4 Tuleap Enterprise Edition versions prior to 16.0-7 Description: A malicious user with the ability to create an artifact in a tracker with...

CVE-2023-35929

Tuleap CVE-2023-35929 is a cross-site scripting vulnerability in card fields of the kanban and PV2 apps. The issue occurs when content displayed in card fields is not properly escaped, allowing a malicious user who can create an artifact or edit a card-field to cause script execution. Affected ve...