8 matches found
CVE-2022-31063
Tuleap is a Free & Open Source Suite to improve management of software developments and collaboration. In versions prior to 13.9.99.111 the title of a document is not properly escaped in the search result of MyDocmanSearch widget and in the administration page of the locked documents. A malicious...
EUVD-2021-30696
Malicious code in bioql PyPI...
CVE-2025-52899
Tuleap is an Open Source Suite created to facilitate management of software development and collaboration. In Tuleap Community Edition prior to version 16.9.99.1750843170 and Tuleap Enterprise Edition prior to 16.8-4 and 16.9-2, the forgot password form allows for user enumeration. This is fixed ...
CVE-2022-31032
Tuleap is a Free & Open Source Suite to improve management of software developments and collaboration. In versions prior to 13.9.99.58 authorizations are not properly verified when creating projects or trackers from projects marked as templates. Users can get access to information in those templa...
CVE-2025-29929
Tuleap is an Open Source Suite to improve management of software developments and collaboration. Tuleap is missing CSRF protection on tracker hierarchy administration. An attacker could use this vulnerability to trick victims into submitting or editing artifacts or follow-up comments. This...
CVE-2025-29929 Tuleap is missing CSRF protection on tracker hierarchy administration
Tuleap is an Open Source Suite to improve management of software developments and collaboration. Tuleap is missing CSRF protection on tracker hierarchy administration. An attacker could use this vulnerability to trick victims into submitting or editing artifacts or follow-up comments. This...
PT-2025-9510 · Unknown +1 · Tuleap Community Edition +2
Name of the Vulnerable Software and Affected Versions: Tuleap versions prior to 16.4.99.1740067916 Tuleap Enterprise Edition versions prior to 16.4-5 and 16.3-10 Description: Tuleap is an Open Source Suite to improve management of software developments and collaboration. It allows cross-site...
CVE-2022-24896 Tracker report renderer and chart widgets leak information in Tuleap
Tuleap is a Free & Open Source Suite to manage software developments and collaboration. In versions prior to 13.7.99.239 Tuleap does not properly verify authorizations when displaying the content of tracker report renderer and chart widgets. Malicious users could use this vulnerability to retriev...