CVE-2018-7634
CVE-2018-7634 describes a CSRF flaw in Enalean Tuleap 9.17 where the change-email functionality lacks CSRF mitigation. This allows a CSRF attacker to cause a victim to update their registered email, potentially leading to account takeover. The root cause is insufficient CSRF protection in the ema...