2 matches found
CVE-2021-43782
Tuleap is a Libre and Open Source tool for end to end traceability of application and system developments. This is a follow up to GHSA-887w-pv2r-x8pm/CVE-2021-41276, the initial fix was incomplete. Tuleap does not sanitize properly the search filter built from the ldapid attribute of a user durin...
CVE-2021-43782
CVE-2021-43782 affects Tuleap: an LDAP-related input sanitization flaw during daily synchronization can allow a privileged user to modify ldap_uid, potentially suspending accounts or taking over accounts. Root cause: improper sanitization of the search filter built from the ldap_id attribute. Exp...