Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
enalean tuleap vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-23473
Tuleap is an Open Source Suite to improve management of software developments and collaboration. In versions before 14.2.99.148, Authorizations are not properly verified when accessing MediaWiki standalone resources. Users with read only permissions for pages are able to also edi...
Enalean Tuleap
356
VMScore
CVE-2022-24896
Tuleap is a Free & Open Source Suite to manage software developments and collaboration. In versions before 13.7.99.239 Tuleap does not properly verify authorizations when displaying the content of tracker report renderer and chart widgets. Malicious users could use this vulne...
Enalean Tuleap
NA
CVE-2023-30619
Tuleap Open ALM is a Libre and Open Source tool for end to end traceability of application and system developments. The title of an artifact is not properly escaped in the tooltip. A malicious user with the capability to create an artifact or to edit a field title could force vic...
Enalean Tuleap
NA
CVE-2023-48715
Tuleap is an open source suite to improve management of software developments and collaboration. Prior to version 15.2.99.103 of Tuleap Community Edition and prior to versions 15.2-4 and 15.1-8 of Tuleap Enterprise Edition, the name of the releases are not properly escaped on the...
Enalean Tuleap
755
VMScore
CVE-2018-7538
A SQL injection vulnerability in the tracker functionality of Enalean Tuleap software engineering platform prior to 9.18 allows malicious users to execute arbitrary SQL commands.
Enalean Tuleap
1 EDB exploit
NA
CVE-2023-32072
Tuleap is an open source tool for end to end traceability of application and system developments. Tuleap Community Edition prior to version 14.8.99.60 and Tuleap Enterprise edition before 14.8-3 and 14.7-7, the logs of the triggered Jenkins job URLs are not properly escaped. A ma...
Enalean Tuleap
NA
CVE-2024-23344
Tuleap is an Open Source Suite to improve management of software developments and collaboration. Some users might get access to restricted information when a process validates the permissions of multiple users (e.g. mail notifications). This issue has been patched in version 15.4...
Enalean Tuleap
312
VMScore
CVE-2021-41142
Tuleap Open ALM is a libre and open source tool for end to end traceability of application and system developments. There is a cross-site scripting vulnerability in Tuleap Community Edition before 12.11.99.25 and Tuleap Enterprise Edition 12.11-2. A malicious user with the capabi...
Enalean Tuleap
660
VMScore
CVE-2014-7176
SQL injection vulnerability in Enalean Tuleap prior to 7.5.99.4 allows remote authenticated users to execute arbitrary SQL commands via the lobal_txt parameter to plugins/docman.
Enalean Tuleap
2 EDB exploits
405
VMScore
CVE-2014-7177
XML External Entity vulnerability in Enalean Tuleap 7.2 and previous versions allows remote authenticated users to read arbitrary files via a crafted xml document in a create action to plugins/tracker/.
Enalean Tuleap
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »