3 matches found
CVE-2022-31063
Tuleap is a Free & Open Source Suite to improve management of software developments and collaboration. In versions prior to 13.9.99.111 the title of a document is not properly escaped in the search result of MyDocmanSearch widget and in the administration page of the locked documents. A malicious...
CVE-2022-31063 Cross site scripting via the title of a document in Tuleap
Tuleap is a Free & Open Source Suite to improve management of software developments and collaboration. In versions prior to 13.9.99.111 the title of a document is not properly escaped in the search result of MyDocmanSearch widget and in the administration page of the locked documents. A malicious...
CVE-2022-31063
Tuleap vulnerable before version 13.9.99.111 due to improper escaping of the document title in the MyDocmanSearch widget results and in the locked documents administration page. This can allow a malicious user who can create a document to trigger arbitrary code execution on a victim’s system. Aff...