Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Tuleap does not properly check permissions for email notifications in trackers
Vulnerability Description
Tuleap is a tool for end to end traceability of application and system developments. Prior to Tuleap Community Edition 15.13.99.40, Tuleap Enterprise Edition 15.13-3, and Tuleap Enterprise Edition 15.12-6, users might receive email notification with information they should not have access to. Tuleap Community Edition 15.13.99.40, Tuleap Enterprise Edition 15.13-3, and Tuleap Enterprise Edition 15.12-6 fix this issue.
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:N/A:N
Vulnerability Type
不充分权限或特权的处理不恰当
Vulnerability Title
Enalean Tuleap 安全漏洞
Vulnerability Description
Enalean Tuleap是法国Enalean公司的一个自由的开源工具。用于应用程序和系统开发的端到端可追溯性。 Enalean Tuleap存在安全漏洞。攻击者利用该漏洞可以访问敏感信息。
CVSS Information
N/A
Vulnerability Type
N/A