2 matches found
CVE-2023-23938
CVE-2023-23938 describes a cross-site scripting (XSS) vulnerability in Tuleap. Affected: Tuleap Community Edition and related builds prior to version 14.5.99.4. The issue arises when the name of a color used for values in a tracker’s select box is reflected in the tracker administration page, ena...
CVE-2023-23938 Cross-site Scripting (XSS) through the name of a color of select box values in tuleap
Tuleap is a Free & Source tool for end to end traceability of application and system developments. Affected versions are subject to a cross site scripting attack which can be injected in the name of a color of select box values of a tracker and then reflected in the tracker administration...