28 matches found
CVE-2021-41142
Tuleap Open ALM is a libre and open source tool for end to end traceability of application and system developments. There is a cross-site scripting vulnerability in Tuleap Community Edition prior to 12.11.99.25 and Tuleap Enterprise Edition 12.11-2. A malicious user with the capability to add and...
CVE-2021-41147
Tuleap Open ALM is a libre and open source tool for end to end traceability of application and system developments. Prior to version 11.16.99.173 of Community Edition and versions 11.16-6 and 11.15-8 of Enterprise Edition, an attacker with admin rights in one agile dashboard service can execute...
EUVD-2021-28261
Malicious code in bioql PyPI...
EUVD-2023-34991
Malicious code in bioql PyPI...
EUVD-2021-28262
Malicious code in bioql PyPI...
EUVD-2021-28259
Malicious code in bioql PyPI...
CVE-2023-30619
Tuleap Open ALM is a Libre and Open Source tool for end to end traceability of application and system developments. The title of an artifact is not properly escaped in the tooltip. A malicious user with the capability to create an artifact or to edit a field title could force a victim to execute...
CVE-2021-41148
Tuleap Open ALM is a libre and open source tool for end to end traceability of application and system developments. Prior to version 11.16.99.173 of Community Edition and versions 11.16-6 and 11.15-8 of Enterprise Edition, an attacker with the ability to add one of the CI widgets to its personal...
Code injection
Tuleap Open ALM is a Libre and Open Source tool for end to end traceability of application and system developments. The title of an artifact is not properly escaped in the tooltip. A malicious user with the capability to create an artifact or to edit a field title could force a victim to execute...
CVE-2023-30619
CVE-2023-30619 affects Tuleap Open ALM. The vulnerability is an XSS in the tooltip caused by the artifact title not being properly escaped, which could allow a user with permissions to create an artifact or edit a field title to force execution of malicious code. Affected versions are before 14.7...
CVE-2023-30619 XSS in the tooltip via an artifact title
Tuleap Open ALM is a Libre and Open Source tool for end to end traceability of application and system developments. The title of an artifact is not properly escaped in the tooltip. A malicious user with the capability to create an artifact or to edit a field title could force a victim to execute...
CVE-2023-30619 XSS in the tooltip via an artifact title
Tuleap Open ALM is a Libre and Open Source tool for end to end traceability of application and system developments. The title of an artifact is not properly escaped in the tooltip. A malicious user with the capability to create an artifact or to edit a field title could force a victim to execute...
Enalean Tuleap Open Alm SQL injection vulnerability
Enalean Tuleap Open Alm is a free and open source tool from Enalean France for end-to-end traceability of application and system development. An SQL injection vulnerability exists in Enalean Tuleap Open Alm, which stems from the fact that Tuleap does not properly clean up user input when...
Enalean Tuleap Open Alm SQL injection vulnerability
Enalean Tuleap Open Alm is a free and open source tool from Enalean France for end-to-end traceability of application and system development. A SQL injection vulnerability exists in Tuleap Open Alm, which allows an attacker with read access to the SVN core repository to execute arbitrary SQL...
CVE-2021-41148
Tuleap Open ALM is a libre and open source tool for end to end traceability of application and system developments. Prior to version 11.16.99.173 of Community Edition and versions 11.16-6 and 11.15-8 of Enterprise Edition, an attacker with the ability to add one of the CI widgets to its personal...
CVE-2021-41147
Tuleap Open ALM is a libre and open source tool for end to end traceability of application and system developments. Prior to version 11.16.99.173 of Community Edition and versions 11.16-6 and 11.15-8 of Enterprise Edition, an attacker with admin rights in one agile dashboard service can execute...
Sql injection
Tuleap Open ALM is a libre and open source tool for end to end traceability of application and system developments. Prior to version 11.16.99.173 of Community Edition and versions 11.16-6 and 11.15-8 of Enterprise Edition, an attacker with the ability to add one of the CI widgets to its personal...
Sql injection
Tuleap Open ALM is a libre and open source tool for end to end traceability of application and system developments. Prior to version 11.16.99.173 of Community Edition and versions 11.16-6 and 11.15-8 of Enterprise Edition, an attacker with admin rights in one agile dashboard service can execute...
CVE-2021-41148 The update of the CI job targeted by a widget is vulnerable to blind SQL injections
Tuleap Open ALM is a libre and open source tool for end to end traceability of application and system developments. Prior to version 11.16.99.173 of Community Edition and versions 11.16-6 and 11.15-8 of Enterprise Edition, an attacker with the ability to add one of the CI widgets to its personal...
CVE-2021-41148
CVE-2021-41148 affects Tuleap Open ALM. Affected: Community Edition <11.16.99.173 and Enterprise Edition