3 matches found
CVE-2024-47767 Tuleap lists trackers in the quick add actions of the backlog without any permissions check
Tuleap is a tool for end to end traceability of application and system developments. Prior to Tuleap Community Edition 15.13.99.113, Tuleap Enterprise Edition 15.13-5, and Tuleap Enterprise Edition 15.12-5, users might see tracker names they should not have access to. Tuleap Community Edition...
Enalean Tuleap 安全漏洞
Enalean Tuleap is a free and open source tool from the French company Enalean. It is used for end-to-end traceability of application and system development. A security vulnerability exists in Enalean Tuleap. An attacker exploiting the vulnerability could access sensitive information...
CVE-2023-23938
CVE-2023-23938 describes a cross-site scripting (XSS) vulnerability in Tuleap. Affected: Tuleap Community Edition and related builds prior to version 14.5.99.4. The issue arises when the name of a color used for values in a tracker’s select box is reflected in the tracker administration page, ena...