Indirect LDAP injection in Tuleap

Tuleap is a Libre and Open Source tool for end to end traceability of application and system developments. In affected versions Tuleap does not sanitize properly the search filter built from the ldap_id attribute of a user during the daily synchronization. A malicious user could force accounts to be suspended or take over another account by forcing the update of the ldap_uid attribute. Note that the malicious user either need to have site administrator capability on the Tuleap instance or be an LDAP operator with the capability to create/modify account. The Tuleap instance needs to have the LDAP plugin activated and enabled for this issue to be exploitable. This issue has been patched in Tuleap Community Edition 13.2.99.31, Tuleap Enterprise Edition 13.1-5, and Tuleap Enterprise Edition 13.2-3.

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:L

输出中的特殊元素转义处理不恰当(注入)

Tuleap 注入漏洞

Tuleap是开源的一个应用程序生命周期管理系统，可促进敏捷软件开发，设计项目，V模型，需求管理和IT服务管理。 Tuleap存在注入漏洞，攻击者可利用该漏洞通过强制更新ldap_uid属性来强制挂起帐户或接管另一个帐户。Tuleap实例需要激活并启用LDAP插件，才能利用此问题。该问题已在Tuleap社区版13.2.99.31，Tuleap企业版13.1-5和Tuleap企业版13.2-3中修补。

N/A

N/A