15 matches found
CVE-2022-31063
Tuleap is a Free & Open Source Suite to improve management of software developments and collaboration. In versions prior to 13.9.99.111 the title of a document is not properly escaped in the search result of MyDocmanSearch widget and in the administration page of the locked documents. A malicious...
EUVD-2024-42170
Malicious code in bioql PyPI...
CVE-2024-46980
Tuleap is a tool for end to end traceability of application and system developments. Prior to Tuleap Community Edition 15.13.99.37, Tuleap Enterprise Edition 15.13-3, and Tuleap Enterprise Edition 15.12-6, a site administrator could create an artifact link type with a forward label allowing them ...
CVE-2024-52599
Tuleap is an open source suite to improve management of software developments and collaboration. In Tuleap Community Edition prior to version 16.1.99.50 and Tuleap Enterprise Edition prior to versions 16.1-4 and 16.0-7, a malicious user with the ability to create an artifact in a tracker with a...
CVE-2023-48715
Tuleap is an open source suite to improve management of software developments and collaboration. Prior to version 15.2.99.103 of Tuleap Community Edition and prior to versions 15.2-4 and 15.1-8 of Tuleap Enterprise Edition, the name of the releases are not properly escaped on the edition page of ...
CVE-2024-52599 Tuleap vulnerable to XSS in the Gantt chart of the tracker plugin
Tuleap is an open source suite to improve management of software developments and collaboration. In Tuleap Community Edition prior to version 16.1.99.50 and Tuleap Enterprise Edition prior to versions 16.1-4 and 16.0-7, a malicious user with the ability to create an artifact in a tracker with a...
CVE-2024-52599 Tuleap vulnerable to XSS in the Gantt chart of the tracker plugin
Tuleap is an open source suite to improve management of software developments and collaboration. In Tuleap Community Edition prior to version 16.1.99.50 and Tuleap Enterprise Edition prior to versions 16.1-4 and 16.0-7, a malicious user with the ability to create an artifact in a tracker with a...
CVE-2024-46980
The CVE-2024-46980 issue affects Tuleap: prior to Tuleap Community Edition 15.13.99.37 and Tuleap Enterprise Edition 15.13-3 / 15.12-6, an artifact link type with a forward label could enable content injection or potentially uncontrolled code execution in an email client. The vulnerability is mit...
CVE-2024-46980 Tuleap vulnerable to XSS in the HTML mail content of the cross reference field
Tuleap is a tool for end to end traceability of application and system developments. Prior to Tuleap Community Edition 15.13.99.37, Tuleap Enterprise Edition 15.13-3, and Tuleap Enterprise Edition 15.12-6, a site administrator could create an artifact link type with a forward label allowing them ...
CVE-2023-48715
Tuleap is an open source suite to improve management of software developments and collaboration. Prior to version 15.2.99.103 of Tuleap Community Edition and prior to versions 15.2-4 and 15.1-8 of Tuleap Enterprise Edition, the name of the releases are not properly escaped on the edition page of ...
CVE-2023-48715 Tuleap vulnerable to Cross-site Scripting on the edition page of a release
Tuleap is an open source suite to improve management of software developments and collaboration. Prior to version 15.2.99.103 of Tuleap Community Edition and prior to versions 15.2-4 and 15.1-8 of Tuleap Enterprise Edition, the name of the releases are not properly escaped on the edition page of ...
CVE-2023-39521
Tuleap is an open source suite to improve management of software developments and collaboration. In Tuleap Community Edition prior to version 14.11.99.28 and Tuleap Enterprise Edition prior to versions 14.10-6 and 14.11-3, content displayed in the "card fields" visible in the kanban and PV2 apps ...
CVE-2023-39521
CVE-2023-39521 affects Tuleap, where content in the Kanban and PV2 apps’ card fields is not properly escaped. The issue can be triggered when an agile dashboard administrator deletes a kanban with a malicious label, potentially allowing uncontrolled code execution. Affected products/versions: Tul...
CVE-2023-35929
Tuleap is a free and open source suite to improve management of software development and collaboration. Prior to version 14.10.99.4 of Tuleap Community Edition and prior to versions 14.10-2 and 14.9-5 of Tuleap Enterprise Edition, content displayed in the "card fields" visible in the kanban and P...
CVE-2021-41142 XSS via the name of a deleted attachment
Tuleap Open ALM is a libre and open source tool for end to end traceability of application and system developments. There is a cross-site scripting vulnerability in Tuleap Community Edition prior to 12.11.99.25 and Tuleap Enterprise Edition 12.11-2. A malicious user with the capability to add and...