CVE-2026-8208

Gibbon versions before v30.0.01 are affected by a local file inclusion vulnerability resulting in RCE by changing the report archive directory and forcing interpretation of a user provided .zip as PHP. Successful exploitation requires Teacher or higher privileges. Exploitation could result in...

CVE-2025-50179 Tuleap missing CSRF protection on tracker reports manipulation

Tuleap is an Open Source Suite to improve management of software developments and collaboration. An attacker could use a cross-site request forgery vulnerability in Tuleap Community Edition prior to version 16.8.99.1749830289 and Tuleap Enterprise Edition prior to version 16.9-1 to trick victims...

CVE-2025-50179

Summary: CVE-2025-50179 affects Tuleap. The vulnerability is a cross-site request forgery (CSRF) that could allow an attacker to trick victims into changing canned responses. Affected products are Tuleap Community Edition prior to 16.8.99.1749830289 and Tuleap Enterprise Edition prior to 16.9-1. ...

CVE-2022-41236

A cross-site request forgery CSRF vulnerability in Jenkins Security Inspector Plugin 117.v6eecc36919c2 and earlier allows attackers to replace the generated report stored in a per-session cache and displayed to authorized users at the .../report URL with a report based on attacker-specified repor...

Unspecified Remote Elevation of Privilege Vulnerability in IBM TRIRIGA Application Platform

The IBM TRIRIGA Application Platform is a set of technology platforms for deploying TRIRIGA applications from IBM in the United States. The platform provides a set of design-time and run-time components for building and running its enterprise applications, respectively, and supports...