
CVSS: 6.5 | EPSS: 0% | CPEs: 3 | EXPL: 1

Tuleap is an open source suite to improve management of software developments and collaboration. In Tuleap Community Edition prior to version 14.11.99.28 and Tuleap Enterprise Edition prior to versions 14.10-6 and 14.11-3, the preview of an artifact link with a type does not respect the project, tracker and artifact level permissions. The issue occurs on the artifact view (not reproducible on the artifact modal). Users might get access to information they should not have access to. Only the title, status, assigned to and last update date fields as defined by the semantics are impacted.
• https://github.com/Enalean/tuleap/commit/307c1c8044522a2dcc711062b18a3b3f9059a6c3
• https://github.com/Enalean/tuleap/security/advisories/GHSA-h637-g4xp-2992
• https://tuleap.net/plugins/git/tuleap/tuleap/stable?a=commit&h=307c1c8044522a2dcc711062b18a3b3f9059a6c3
• https://tuleap.net/plugins/tracker/?aid=33608
• CWE-285: Improper Authorization; CWE-862: Missing Authorization

CVSS: 5.4 | EPSS: 0% | CPEs: 3 | EXPL: 0

Tuleap is a free and open source suite to improve management of software development and collaboration. Prior to version 14.10.99.4 of Tuleap Community Edition and prior to versions 14.10-2 and 14.9-5 of Tuleap Enterprise Edition, content displayed in the "card fields" (visible in the kanban and PV2 apps) is not properly escaped. A malicious user with the capability to create an artifact or to edit a field used as a card field could force a victim's browser to execute uncontrolled code. Tuleap Community Edition 14.10.99.4, Tuleap Enterprise Edition 14.10-2, and Tuleap Enterprise Edition 14.9-5 contain a fix.
• https://github.com/Enalean/tuleap/commit/0b2945fbd260d37aa0aff2ca1c867d160f76188d
• https://github.com/Enalean/tuleap/security/advisories/GHSA-xhjp-4rjf-q268
• https://tuleap.net/plugins/git/tuleap/tuleap/stable?a=commit&h=0b2945fbd260d37aa0aff2ca1c867d160f76188d
• https://tuleap.net/plugins/tracker/?aid=32629
• CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVSS: 7.2 | EPSS: 0% | CPEs: 2 | EXPL: 0

Tuleap is a Free & Open Source Suite to improve management of software developments and collaboration. When switching from a project visibility that allows restricted users to `Private without restricted`, restricted users that are project administrators keep this access right. Restricted users that were project administrators before the visibility switch keep the possibility to access the project and do some administration actions. This issue has been resolved in Tuleap version 14.9.99.63. Users are advised to upgrade.
• https://github.com/Enalean/tuleap/commit/a108186e7538676c4bf6e615f793f3b787a09b91
• https://github.com/Enalean/tuleap/security/advisories/GHSA-rq42-cv6q-3m9q
• https://tuleap.net/plugins/git/tuleap/tuleap/stable?a=commit&h=a108186e7538676c4bf6e615f793f3b787a09b91
• https://tuleap.net/plugins/tracker/?aid=32278
• CWE-281: Improper Preservation of Permissions
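The two access-control entries above (the artifact link preview that skips the project, tracker and artifact checks, and the visibility switch that leaves restricted administrators in place) come down to the same discipline: evaluate the restricted flag and every permission layer at read time, and revoke every role the project holds when its visibility changes. The TypeScript below is an added illustration written for this page, not Tuleap's code; the `Visibility` values, the `Set`-based role lists, the `readers === null` convention and the sample users, tracker and artifact are assumptions chosen to mirror the advisories.

```typescript
// Added illustration (not Tuleap code): the permission layers an artifact
// link preview must pass, and a visibility switch that revokes restricted
// users from every role. All names and sample data are made up.

type Visibility = "public" | "public_with_restricted" | "private" | "private_without_restricted";

interface User { id: number; isRestricted: boolean; }

interface Project { id: number; visibility: Visibility; members: Set<number>; admins: Set<number>; }

// readers === null: readable by anyone who can access the enclosing project.
interface Tracker { id: number; projectId: number; readers: Set<number> | null; }

interface Artifact {
  id: number; trackerId: number; readers: Set<number> | null;
  title: string; status: string; assignedTo: string; lastUpdate: string;
}

interface LinkPreview { title: string; status: string; assignedTo: string; lastUpdate: string; }

function canAccessProject(user: User, project: Project): boolean {
  const isMember = project.members.has(user.id) || project.admins.has(user.id);
  if (project.visibility === "public_with_restricted") return true;
  if (project.visibility === "public") return !user.isRestricted || isMember;
  if (project.visibility === "private") return isMember;
  // "private_without_restricted": being listed as member or administrator is
  // not enough; the restricted flag is checked on every access, so a stale
  // role entry cannot by itself reopen the project.
  return isMember && !user.isRestricted;
}

function canRead(user: User, readers: Set<number> | null): boolean {
  return readers === null || readers.has(user.id);
}

function dropRestricted(role: Set<number>, users: Map<number, User>): void {
  Array.from(role).forEach((id) => {
    if (users.get(id)?.isRestricted) role.delete(id);
  });
}

// Vulnerable shape (CWE-281): only plain members are pruned on the switch, so
// a restricted administrator keeps a role the new visibility forbids.
function setVisibilityBuggy(project: Project, v: Visibility, users: Map<number, User>): void {
  project.visibility = v;
  if (v === "private_without_restricted") dropRestricted(project.members, users);
}

// Hardened shape: every role is revoked, administrators included, together
// with the visibility change.
function setVisibility(project: Project, v: Visibility, users: Map<number, User>): void {
  project.visibility = v;
  if (v === "private_without_restricted") {
    dropRestricted(project.members, users);
    dropRestricted(project.admins, users);
  }
}

// The preview exposes only the semantic fields (title, status, assigned to,
// last update), but it must pass the same checks as the full artifact view.
function previewArtifactLink(user: User, artifact: Artifact, tracker: Tracker, project: Project): LinkPreview | null {
  if (tracker.projectId !== project.id || artifact.trackerId !== tracker.id) return null;
  if (!canAccessProject(user, project)) return null;
  if (!canRead(user, tracker.readers)) return null;
  if (!canRead(user, artifact.readers)) return null;
  return { title: artifact.title, status: artifact.status, assignedTo: artifact.assignedTo, lastUpdate: artifact.lastUpdate };
}

// Constructed sample: a restricted user administers a private project that is
// then switched to "private without restricted".
function demo() {
  const restrictedAdmin: User = { id: 101, isRestricted: true };
  const member: User = { id: 102, isRestricted: false };
  const users = new Map<number, User>([[101, restrictedAdmin], [102, member]]);
  const newProject = (): Project => ({ id: 1, visibility: "private", members: new Set([102]), admins: new Set([101]) });
  const tracker: Tracker = { id: 10, projectId: 1, readers: null };
  const artifact: Artifact = { id: 42, trackerId: 10, readers: null, title: "Sample", status: "Open", assignedTo: "alice", lastUpdate: "2023-06-01" };

  const buggy = newProject();
  setVisibilityBuggy(buggy, "private_without_restricted", users);
  const fixed = newProject();
  setVisibility(fixed, "private_without_restricted", users);

  return {
    buggyKeepsAdmin: buggy.admins.has(restrictedAdmin.id),
    fixedKeepsAdmin: fixed.admins.has(restrictedAdmin.id),
    buggyRestrictedPreview: previewArtifactLink(restrictedAdmin, artifact, tracker, buggy),
    restrictedPreview: previewArtifactLink(restrictedAdmin, artifact, tracker, fixed),
    memberPreview: previewArtifactLink(member, artifact, tracker, fixed),
  };
}
```

The stale administrator role after `setVisibilityBuggy` is the defect the advisory describes; `canAccessProject` refusing restricted users in that visibility is the second line of defence, and the hardened switch makes the role lists and the read-time check agree. The preview function fails closed at each layer rather than trusting that the caller already rendered the artifact view.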

CVSS: 4.8 | EPSS: 0% | CPEs: 3 | EXPL: 0

Tuleap is an open source tool for end to end traceability of application and system developments. In Tuleap Community Edition prior to version 14.8.99.60 and Tuleap Enterprise Edition prior to 14.8-3 and 14.7-7, the logs of the triggered Jenkins job URLs are not properly escaped. A malicious Git administrator can set up a malicious Jenkins hook to make a victim, also a Git administrator, execute uncontrolled code. Tuleap Community Edition 14.8.99.60, Tuleap Enterprise Edition 14.8-3, and Tuleap Enterprise Edition 14.7-7 contain a patch for this issue.
• https://github.com/Enalean/tuleap/commit/6840529def97f564844e810e5a7c5bf837cf58d5
• https://github.com/Enalean/tuleap/security/advisories/GHSA-6prc-j58r-fmjq
• https://tuleap.net/plugins/git/tuleap/tuleap/stable?a=commit&h=6840529def97f564844e810e5a7c5bf837cf58d5
• https://tuleap.net/plugins/tracker/?aid=31929
• CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVSS: 5.9 | EPSS: 0% | CPEs: 3 | EXPL: 0

Tuleap is a Free & Open Source tool for end to end traceability of application and system developments. Affected versions are subject to a cross-site scripting attack: a payload can be injected into the name of a color of select box values of a tracker and is then reflected in the tracker administration. Administrative privilege is required, but an attacker with tracker administration rights could use this vulnerability to force a victim to execute uncontrolled code in the context of their browser. This issue has been addressed in Tuleap Community Edition version 14.5.99.4. Users are advised to upgrade.
• https://github.com/Enalean/tuleap/commit/aacd5e798301f24f218298ec8236ec7bef0f5d52
• https://github.com/Enalean/tuleap/security/advisories/GHSA-mqjm-c6rm-9h87
• https://tuleap.net/plugins/tracker/?aid=30734
• CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
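The three cross-site scripting entries on this page (card field values, logged Jenkins job URLs, select box color names) share one root cause: a value that an artifact editor or an administrator controls is written into HTML without escaping for the context it lands in. The TypeScript below is an added example written for this page, not Tuleap's code; `escapeHtml`, the render functions and the payload strings are constructed to show the vulnerable shape next to the hardened one, and the allow-list for color names generalizes the fix to attribute context.

```typescript
// Added example (not Tuleap code): escaping and allow-listing user-controlled
// values at the HTML sink. Render functions and payloads are constructed.

const HTML_ESCAPES: Record<string, string> = {
  "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;",
};

// Escape for HTML text and double-quoted attribute contexts.
function escapeHtml(value: string): string {
  return value.replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch] ?? ch);
}

// Vulnerable shape: the field value is interpolated straight into markup, so a
// user who can edit the field injects markup into every viewer's browser.
function renderCardFieldUnsafe(label: string, value: string): string {
  return `<div class="card-field"><span class="label">${label}</span> ${value}</div>`;
}

// Hardened shape: every interpolated value is escaped for its context.
function renderCardField(label: string, value: string): string {
  return `<div class="card-field"><span class="label">${escapeHtml(label)}</span> ${escapeHtml(value)}</div>`;
}

// Logged job URLs are shown as text; only http(s) URLs become links, so a
// javascript: or data: URL written by a hostile hook stays inert.
const HTTP_URL = /^https?:\/\/\S+$/i;
function renderLoggedUrl(url: string): string {
  const text = escapeHtml(url);
  if (!HTTP_URL.test(url)) return text;
  return `<a href="${text}" rel="noopener noreferrer">${text}</a>`;
}

// A color name lands inside a class attribute. Escaping would stop the
// attribute break-out, but an allow-list of the tokens the feature really
// needs is stricter and easier to audit.
const COLOR_NAME = /^[a-z][a-z0-9-]{0,31}$/;
function isValidColorName(name: string): boolean {
  return COLOR_NAME.test(name);
}
function renderColorSwatch(colorName: string): string {
  if (!isValidColorName(colorName)) throw new Error(`rejected color name: ${JSON.stringify(colorName)}`);
  return `<span class="swatch ${colorName}"></span>`;
}
```

Running the payload `<img src=x onerror=alert(1)>` through both card renderers shows the difference: the unsafe one returns it verbatim, the hardened one returns `&lt;img src=x onerror=alert(1)&gt;`. For the URL and color cases the fix is not only escaping but also restricting the value to the shape the feature expects, which is what the advisories' "properly escaped" boils down to in practice.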