Medium
CVSS: 4.6
Tuleap is an Open Source Suite for management of software development and collaboration. Tuleap is missing CSRF protection in the Overview inconsistent items. An attacker could use this vulnerability to trick victims into repairing inconsis…
Medium
CVSS: 4.6
Tuleap is a free and open source suite for management of software development and collaboration. Versions of Tuleap Community Edition prior to 17.0.99.1763803709 and Tuleap Enterprise Edition versions prior to 17.0-4 and 16.13-9 are mission…
Medium
CVSS: 4.6
Tuleap is a free and open source suite for management of software development and collaboration. Versions of Tuleap Community Edition prior to 17.0.99.1763126988 and Tuleap Enterprise Edition prior to 17.0-3 and 16.13-8 have missing CSRF pr…
Medium
CVSS: 4.6
Tuleap is a free and open source suite for management of software development and collaboration. Tuleap Community Editon versions prior to 17.0.99.1762456922 and Tuleap Enterprise Edition versions prior to 17.0-2, 16.13-7 and 16.12-10 are v…
Medium
CVSS: 4.6
Tuleap is an Open Source Suite for management of software development and collaboration. Tuleap Community Edition versions below 17.0.99.1762444754 and Tuleap Enterprise Edition versions prior to 17.0-2, 16.13-7 and 16.12-10 allow attacker…
Medium
CVSS: 6.5
Tuleap is an Open Source Suite for management of software development and collaboration. Versions below 17.0.99.1762431347 of Tuleap Community Edition and Tuleap Enterprise Edition below 17.0-2, 16.13-7 and 16.12-10 allow attackers to acce…
Medium
CVSS: 5.3
Tuleap is an Open Source Suite created to facilitate management of software development and collaboration. In Tuleap Community Edition versions before 16.10.99.1754050155 and Tuleap Enterprise Edition versions before 16.9-8 and before 16.10…
Medium
CVSS: 4.3
Tuleap is an Open Source Suite created to facilitate management of software development and collaboration. In Tuleap Community Edition prior to version 16.9.99.1752585665 and Tuleap Enterprise Edition prior to 16.8-6 and 16.9-5, users may p…
Medium
CVSS: 5.4
Tuleap is an Open Source Suite created to facilitate management of software development and collaboration. In Tuleap Community Edition prior to version 16.9.99.1751892857 and Tuleap Enterprise Edition prior to 16.8-5 and 16.9-3, malicious u…
Medium
CVSS: 5.3
Tuleap is an Open Source Suite created to facilitate management of software development and collaboration. In Tuleap Community Edition prior to version 16.9.99.1750843170 and Tuleap Enterprise Edition prior to 16.8-4 and 16.9-2, the forgot…
Medium
CVSS: 4.6
Tuleap is an Open Source Suite to improve management of software developments and collaboration. An attacker could use a cross-site request forgery vulnerability in Tuleap Community Edition prior to version 16.8.99.1749830289 and Tuleap Ent…
Medium
CVSS: 4.6
Tuleap is an Open Source Suite to improve management of software developments and collaboration. An attacker could use a vulnerability present in Tuleap Community Edition prior to version 16.8.99.1748845907 and Tuleap Enterprise Edition pri…
Medium
CVSS: 5.3
Tuleap is an Open Source Suite to improve management of software developments and collaboration. An attacker can access release notes content or information via the FRS REST endpoints it should not have access to. This vulnerability is fixe…
Medium
CVSS: 4.8
Tuleap is an Open Source Suite to improve management of software developments and collaboration. Tuleap allows cross-site scripting (XSS) via the content of RSS feeds in the RSS widgets. A project administrator or someone with control over…
Medium
CVSS: 4.3
Tuleap is an Open Source Suite to improve management of software developments and collaboration. Tuleap does not enforce read permissions on parent trackers in the REST API. This vulnerability is fixed in Tuleap Community Edition 16.5.99.17…
Medium
CVSS: 4.6
Tuleap is an Open Source Suite to improve management of software developments and collaboration. Tuleap is missing CSRF protection on tracker hierarchy administration. An attacker could use this vulnerability to trick victims into submittin…
Medium
CVSS: 4.6
Tuleap is an Open Source Suite to improve management of software developments and collaboration. Tuleap has missing CSRF protections on artifact submission & edition from the tracker view. An attacker could use this vulnerability to trick v…
Medium
CVSS: 4.6
Tuleap is an Open Source Suite to improve management of software developments and collaboration. Tuleap is missing CSRF protections on tracker fields administrative operations. An attacker could use this vulnerability to trick victims into…
Medium
CVSS: 4.6
Tuleap is an Open Source Suite to improve management of software developments and collaboration. In a standard usages of Tuleap, the issue has a limited impact, it will mostly leave dangling data. However, a malicious user could create and…
Medium
CVSS: 4.1
Tuleap is an Open Source Suite to improve management of software developments and collaboration. The mass emailing features do not sanitize the content of the HTML emails. A malicious user could use this issue to facilitate a phishing attem…