Lucene search

K
EnaleanTuleap16.4

6 matches found

CVE
CVE
added 2025/03/04 5:15 p.m.53 views

CVE-2025-27150

Tuleap is an Open Source Suite to improve management of software developments and collaboration. The password to connect the Redis instance is not purged from the archive generated with tuleap collect-system-data. These archives are likely to be used by support teams that should not have access to ...

6.5CVSS5.3AI score0.00047EPSS
CVE
CVE
added 2025/03/04 5:15 p.m.52 views

CVE-2025-27156

Tuleap is an Open Source Suite to improve management of software developments and collaboration. The mass emailing features do not sanitize the content of the HTML emails. A malicious user could use this issue to facilitate a phishing attempt or to indirectly exploit issues in the recipients mail c...

5.4CVSS4.4AI score0.00043EPSS
CVE
CVE
added 2025/03/03 4:15 p.m.51 views

CVE-2025-27099

Tuleap is an Open Source Suite to improve management of software developments and collaboration. Tuleap allows cross-site scripting (XSS) via the tracker names used in the semantic timeframe deletion message. A tracker administrator with a semantic timeframe used by other trackers could use this vu...

4.8CVSS4.9AI score0.00044EPSS
CVE
CVE
added 2025/03/03 4:15 p.m.49 views

CVE-2025-27094

Tuleap is an open-source suite designed to improve software development management and collaboration. A malicious user with access to a tracker could force-reset certain field configurations, leading to potential information loss. The display time attribute for the date field, the size attribute fo...

5.4CVSS5.4AI score0.00196EPSS
CVE
CVE
added 2025/03/04 5:15 p.m.46 views

CVE-2025-27401

Tuleap is an Open Source Suite to improve management of software developments and collaboration. In a standard usages of Tuleap, the issue has a limited impact, it will mostly leave dangling data. However, a malicious user could create and delete reports multiple times to cycle through all the filt...

4.6CVSS4.6AI score0.00046EPSS
CVE
CVE
added 2025/03/04 5:15 p.m.38 views

CVE-2025-27402

Tuleap is an Open Source Suite to improve management of software developments and collaboration. Tuleap is missing CSRF protections on tracker fields administrative operations. An attacker could use this vulnerability to trick victims into removing or updating tracker fields. This vulnerability is ...

4.6CVSS4.7AI score0.00025EPSS