Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Tuleap's special and always there fields permissions are not verified in cross-tracker search
Vulnerability Description
Tuleap is an Open Source Suite created to facilitate management of software development and collaboration. In Tuleap Community Edition versions before 16.10.99.1754050155 and Tuleap Enterprise Edition versions before 16.9-8 and before 16.10-5, an attacker can access to the content of the special and always there fields of accessible artifacts even if the permissions associated with the underlying fields do not allow it. This issue has been fixed in Tuleap Community Edition version 16.10.99.1754050155 and Tuleap Enterprise Edition versions 16.9-8 and 16.10-5.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Vulnerability Type
授权机制不正确
Vulnerability Title
Enalean Tuleap Community Edition和Enalean Tuleap Enterprise Edition 安全漏洞
Vulnerability Description
Enalean Tuleap Community Edition和Enalean Tuleap Enterprise Edition都是Enalean开源的一个开源套件,旨在改善软件开发和协作的管理。 Enalean Tuleap Community Edition和Enalean Tuleap Enterprise Edition存在安全漏洞,该漏洞源于权限绕过,可能导致访问受限字段内容。以下版本受到影响:Tuleap Community Edition 16.10.99.1754050155之前版本和
CVSS Information
N/A
Vulnerability Type
N/A