CVE-2026-24007

Medium CVSS: 4.6

Tuleap is an Open Source Suite for management of software development and collaboration. Tuleap is missing CSRF protection in the Overview inconsistent items. An attacker could use this vulnerability to trick victims into repairing inconsistent items (creating artifact links from the release). This vulnerability is fixed in Tuleap Community Edition 17.0.99.1768924735 and Tuleap Enterprise Edition 17.2-5, 17.1-6, and 17.0-9.

Vendor

Enalean

Product

Tuleap

CWE

CWE-352

Yayın Tarihi

2026-02-02 23:16:07

Güncelleme

2026-02-23 20:29:40

Source Identifier

security-advisories@github.com

KEV Date Added

Kategoriler

CWE-352 Tuleap MEDIUM Enalean 2026

Referanslar

https://github.com/Enalean/tuleap/commit/5ec5e81e409892fe0e41f11d5d36ee6c85a6fbb5 https://github.com/Enalean/tuleap/security/advisories/GHSA-7g48-rwqj-ffxw https://tuleap.net/plugins/git/tuleap/tuleap/stable?a=commit&h=5ec5e81e409892fe0e41f11d5d36ee6c85a6fbb5 https://tuleap.net/plugins/tracker/?aid=46389

Benzer Kayıtlar

Medium

CVE-2025-65962

Tuleap is a free and open source suite for management of software development and collaboration. Versions of Tuleap Comm…

Medium

CVE-2025-64498

Tuleap is an Open Source Suite for management of software development and collaboration. Tuleap Community Edition versio…

Medium

CVE-2025-64499

Tuleap is a free and open source suite for management of software development and collaboration. Tuleap Community Editon…

Medium

CVE-2025-64760

Tuleap is a free and open source suite for management of software development and collaboration. Versions of Tuleap Comm…

Medium

CVE-2025-64497

Tuleap is an Open Source Suite for management of software development and collaboration. Versions below 17.0.99.17624313…

Medium

CVE-2025-54877

Tuleap is an Open Source Suite created to facilitate management of software development and collaboration. In Tuleap Com…