CVE-2025-27156

Medium CVSS: 4.1

Tuleap is an Open Source Suite to improve management of software developments and collaboration. The mass emailing features do not sanitize the content of the HTML emails. A malicious user could use this issue to facilitate a phishing attempt or to indirectly exploit issues in the recipients mail clients. This vulnerability is fixed in Tuleap Community Edition 16.4.99.1740567344 and Tuleap Enterprise Edition 16.4-6 and 16.3-11.

Vendor

Enalean

Product

Tuleap

CWE

CWE-79

Yayın Tarihi

2025-03-04 17:15:18

Güncelleme

2025-08-22 15:57:26

Source Identifier

security-advisories@github.com

KEV Date Added

Kategoriler

CWE-79 Tuleap MEDIUM Enalean 2025

Referanslar

https://github.com/Enalean/tuleap/commit/a0bc657297b405debce1f5bcbbb30c733f3f09bd https://github.com/Enalean/tuleap/security/advisories/GHSA-x2v2-xr59-c9cf https://tuleap.net/plugins/tracker/?aid=42177

Benzer Kayıtlar

Medium

CVE-2026-24007

Tuleap is an Open Source Suite for management of software development and collaboration. Tuleap is missing CSRF protecti…

Medium

CVE-2025-65962

Tuleap is a free and open source suite for management of software development and collaboration. Versions of Tuleap Comm…

Medium

CVE-2025-64498

Tuleap is an Open Source Suite for management of software development and collaboration. Tuleap Community Edition versio…

Medium

CVE-2025-64499

Tuleap is a free and open source suite for management of software development and collaboration. Tuleap Community Editon…

Medium

CVE-2025-64760

Tuleap is a free and open source suite for management of software development and collaboration. Versions of Tuleap Comm…

Medium

CVE-2025-64497

Tuleap is an Open Source Suite for management of software development and collaboration. Versions below 17.0.99.17624313…