Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

28 matches found

NVD
NVDadded 2023/05/04 2:15 p.m.10 views

CVE-2023-30619

Tuleap Open ALM is a Libre and Open Source tool for end to end traceability of application and system developments. The title of an artifact is not properly escaped in the tooltip. A malicious user with the capability to create an artifact or to edit a field title could force victim to execute...

5.4CVSS5.6AI score0.00593EPSS
Exploits0References4
OSV
OSVadded 2023/05/04 1:35 p.m.23 views

CVE-2023-30619 XSS in the tooltip via an artifact title

Tuleap Open ALM is a Libre and Open Source tool for end to end traceability of application and system developments. The title of an artifact is not properly escaped in the tooltip. A malicious user with the capability to create an artifact or to edit a field title could force victim to execute...

5.4CVSS5.6AI score0.00593EPSS
Exploits0References6
Prion
Prionadded 2022/06/29 6:15 p.m.13 views

Design/Logic Flaw

Tuleap is a Free & Open Source Suite to improve management of software developments and collaboration. In versions prior to 13.9.99.111 the title of a document is not properly escaped in the search result of MyDocmanSearch widget and in the administration page of the locked documents. A malicious...

3.5CVSS5.6AI score0.00506EPSS
Exploits0References4Affected Software1
CVE
CVEadded 2022/06/29 5:55 p.m.67 views

CVE-2022-31063

Tuleap vulnerable before version 13.9.99.111 due to improper escaping of the document title in the MyDocmanSearch widget results and in the locked documents administration page. This can allow a malicious user who can create a document to trigger arbitrary code execution on a victim’s system. Aff...

6.5CVSS5.7AI score0.00506EPSS
Exploits0References4Affected Software1
NVD
NVDadded 2021/10/14 4:15 p.m.7 views

CVE-2021-41142

Tuleap Open ALM is a libre and open source tool for end to end traceability of application and system developments. There is a cross-site scripting vulnerability in Tuleap Community Edition prior to 12.11.99.25 and Tuleap Enterprise Edition 12.11-2. A malicious user with the capability to add and...

5.4CVSS0.00444EPSS
Exploits0References4
OSV
OSVadded 2021/10/14 4:15 p.m.10 views

CVE-2021-41142

Tuleap Open ALM is a libre and open source tool for end to end traceability of application and system developments. There is a cross-site scripting vulnerability in Tuleap Community Edition prior to 12.11.99.25 and Tuleap Enterprise Edition 12.11-2. A malicious user with the capability to add and...

5.4CVSS6.3AI score
Exploits0References4
Prion
Prionadded 2021/10/14 4:15 p.m.14 views

Cross site scripting

Tuleap Open ALM is a libre and open source tool for end to end traceability of application and system developments. There is a cross-site scripting vulnerability in Tuleap Community Edition prior to 12.11.99.25 and Tuleap Enterprise Edition 12.11-2. A malicious user with the capability to add and...

3.5CVSS5.4AI score0.00444EPSS
Exploits0References4Affected Software1
Cvelist
Cvelistadded 2021/10/14 4:5 p.m.11 views

CVE-2021-41142 XSS via the name of a deleted attachment

Tuleap Open ALM is a libre and open source tool for end to end traceability of application and system developments. There is a cross-site scripting vulnerability in Tuleap Community Edition prior to 12.11.99.25 and Tuleap Enterprise Edition 12.11-2. A malicious user with the capability to add and...

5.4CVSS5.6AI score0.00444EPSS
Exploits0References4
Rows per page
Query Builder