CVE-2017-7981
CVE-2017-7981 affects Tuleap before 9.7, where the Project Wiki uses PHPWiki 1.3.10 with a SyntaxHighlighter plugin. The root cause is a command-injection vector in the SyntaxHighlighter’s handling of the syntax argument, exploited via proc_open in PHP when a project wiki page contains a line lik...