Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
enalean tuleap vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2021-41148
Tuleap Open ALM is a libre and open source tool for end to end traceability of application and system developments. Prior to version 11.16.99.173 of Community Edition and versions 11.16-6 and 11.15-8 of Enterprise Edition, an attacker with the ability to add one the CI widget to ...
Enalean Tuleap
8.8
CVSSv3
CVE-2021-41155
Tuleap is a Free & Open Source Suite to improve management of software developments and collaboration. In affected versions Tuleap does not sanitize properly user inputs when constructing the SQL query to browse and search revisions in the CVS repositories. The following vers...
Enalean Tuleap
5.4
CVSSv3
CVE-2023-30619
Tuleap Open ALM is a Libre and Open Source tool for end to end traceability of application and system developments. The title of an artifact is not properly escaped in the tooltip. A malicious user with the capability to create an artifact or to edit a field title could force vic...
Enalean Tuleap
5.4
CVSSv3
CVE-2021-41142
Tuleap Open ALM is a libre and open source tool for end to end traceability of application and system developments. There is a cross-site scripting vulnerability in Tuleap Community Edition before 12.11.99.25 and Tuleap Enterprise Edition 12.11-2. A malicious user with the capabi...
Enalean Tuleap
5.4
CVSSv3
CVE-2023-35929
Tuleap is a free and open source suite to improve management of software development and collaboration. Prior to version 14.10.99.4 of Tuleap Community Edition and prior to versions 14.10-2 and 14.9-5 of Tuleap Enterprise Edition, content displayed in the "card fields" ...
Enalean Tuleap
7.2
CVSSv3
CVE-2021-43782
Tuleap is a Libre and Open Source tool for end to end traceability of application and system developments. This is a follow up to GHSA-887w-pv2r-x8pm/CVE-2021-41276, the initial fix was incomplete. Tuleap does not sanitize properly the search filter built from the ldap_id attribu...
Enalean Tuleap
4.8
CVSSv3
CVE-2023-39521
Tuleap is an open source suite to improve management of software developments and collaboration. In Tuleap Community Edition prior to version 14.11.99.28 and Tuleap Enterprise Edition prior to versions 14.10-6 and 14.11-3, content displayed in the "card fields" (visible...
Enalean Tuleap
4.3
CVSSv3
CVE-2022-31032
Tuleap is a Free & Open Source Suite to improve management of software developments and collaboration. In versions before 13.9.99.58 authorizations are not properly verified when creating projects or trackers from projects marked as templates. Users can get access to informat...
Enalean Tuleap
4.8
CVSSv3
CVE-2023-23938
Tuleap is a Free & Source tool for end to end traceability of application and system developments. Affected versions are subject to a cross site scripting attack which can be injected in the name of a color of select box values of a tracker and then reflected in the tracker a...
Enalean Tuleap
7.2
CVSSv3
CVE-2022-31058
Tuleap is a Free & Open Source Suite to improve management of software developments and collaboration. In versions before 13.9.99.95 Tuleap does not sanitize properly user inputs when constructing the SQL query to retrieve data for the tracker reports. An attacker with the ca...
Enalean Tuleap
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
firewall
CVE-2024-35649
stored XSS
CVE-2022-28654
CVE-2020-35153
CVE-2024-27348
CVE-2022-28652
local users
CVE-2017-3506
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »