CVE-2024-46980

by Fred · 14/10/2024

Tuleap is a tool for end to end traceability of application and system developments. Prior to Tuleap Community Edition 15.13.99.37, Tuleap Enterprise Edition 15.13-3, and Tuleap Enterprise Edition 15.12-6, a site administrator could create an artifact link type with a forward label allowing them to execute uncontrolled code (or at least achieve content injection) in a mail client. Tuleap Community Edition 15.13.99.37, Tuleap Enterprise Edition 15.13-3, and Tuleap Enterprise Edition 15.12-6 fix this issue.

More information : https://github.com/Enalean/tuleap/security/advisories/GHSA-9fc9-47h6-82jj

CVE-2024-46980

Similar

Recent Posts

Categories

CVE-2024-46980

Share this:

Similar

Recent Posts

Categories

Tags