PT-2025-13787 · Tuleap · Tuleap

Name of the Vulnerable Software and Affected Versions: Tuleap versions prior to 16.5.99.1742306712 Tuleap Enterprise Edition versions prior to 16.5-5 and 16.4-8 Description: The issue is related to the lack of CSRF protection on tracker hierarchy administration. An attacker could exploit this to...

CVE-2023-23938

Tuleap is a Free & Source tool for end to end traceability of application and system developments. Affected versions are subject to a cross site scripting attack which can be injected in the name of a color of select box values of a tracker and then reflected in the tracker administration...

CVE-2023-23938 Cross-site Scripting (XSS) through the name of a color of select box values in tuleap

Tuleap is a Free & Source tool for end to end traceability of application and system developments. Affected versions are subject to a cross site scripting attack which can be injected in the name of a color of select box values of a tracker and then reflected in the tracker administration...

PT-2023-19309 · Tuleap · Tuleap

Name of the Vulnerable Software and Affected Versions: Tuleap versions prior to 14.5.99.4 Description: The issue is a cross-site scripting attack that can be injected in the name of a color of select box values of a tracker and then reflected in the tracker administration. Administrative privileg...