Page 7 of 40 results (0.005 seconds)

CVSS: 5.4EPSS: 0%CPEs: 2EXPL: 0

Tuleap Open ALM is a libre and open source tool for end to end traceability of application and system developments. There is a cross-site scripting vulnerability in Tuleap Community Edition prior to 12.11.99.25 and Tuleap Enterprise Edition 12.11-2. A malicious user with the capability to add and remove attachment to an artifact could force a victim to execute uncontrolled code. Tuleap Community Edition 11.17.99.146 and Tuleap Enterprise Edition 12.11-2 contain a fix for the issue. Tuleap Open ALM es una herramienta libre y de código abierto para la trazabilidad de extremo a extremo de los desarrollos de aplicaciones y sistemas. • https://github.com/Enalean/tuleap/commit/d6c837ed6fa66d319175954a42f93d4d86745208 https://github.com/Enalean/tuleap/security/advisories/GHSA-p3j6-6h9h-34r5 https://tuleap.net/plugins/git/tuleap/tuleap/stable?a=commit&h=d6c837ed6fa66d319175954a42f93d4d86745208 https://tuleap.net/plugins/tracker/?aid=22570 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0

An issue was discovered in Enalean Tuleap before 10.5. Reset password links are not invalidated after a user changes its password. Se ha descubierto un problema en Enalean Tuleap en versiones anteriores a la 10.5. Los enlaces de reinicio de contraseña no están validados después de que el usuario cambie su contraseña. • https://tuleap.net/plugins/git/tuleap/tuleap/stable?a=commit&h=4050b0aafd18346d9a6a06967bfb1170824dab17 https://tuleap.net/plugins/git/tuleap/tuleap/stable?a=commit&h=b87d3b807f39c00371ebaa50f938cb0110113538 https://tuleap.net/plugins/tracker/?aid=12219 • CWE-640: Weak Password Recovery Mechanism for Forgotten Password •

CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 3

A SQL injection vulnerability in the tracker functionality of Enalean Tuleap software engineering platform before 9.18 allows attackers to execute arbitrary SQL commands. Una vulnerabilidad de inyección SQL en la funcionalidad tracker de la plataforma de ingeniería de software Enalean Tuleap, en versiones anteriores a la 9.18, permite que atacantes ejecuten comandos SQL arbitrarios. Tuleap version 9.17.99.189 suffers from a remote SQL injection vulnerability. • https://www.exploit-db.com/exploits/44286 http://seclists.org/fulldisclosure/2018/Mar/20 https://github.com/cmaruti/reports/blob/master/tuleap.pdf https://tuleap.net/plugins/tracker/?aid=11192 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 2

An issue was discovered in Enalean Tuleap 9.17. Lack of CSRF attack mitigation while changing an e-mail address makes it possible to abuse the functionality by attackers. By making a CSRF attack, an attacker could make a victim change his registered e-mail address on the application, leading to account takeover. Se ha descubierto un problema en Enalean Tuleap 9.17. La falta de mitigación de ataques Cross-Site Request Forgery (CSRF) al cambiar una dirección de email posibilita que los atacantes puedan abusar de la funcionalidad. • https://github.com/Enalean/tuleap/commit/0843c046eee54b16ec6a7753c575838212770189 https://mustafairan.wordpress.com/2018/03/05/tuleap-mail-change-csrf-vulnerability-leads-to-account-takeover https://tuleap.net/plugins/git/tuleap/tuleap/stable?p=tuleap%2Fstable.git&a=commit&h=d6701289ae55de900929ff0f66313fa9771a198d https://tuleap.net/plugins/tracker/?aid=11217 https://twitter.com/Mustafaran/status/970745812887199744 • CWE-352: Cross-Site Request Forgery (CSRF) •

CVSS: 8.8EPSS: 70%CPEs: 1EXPL: 2

An issue was discovered in Enalean Tuleap 9.6 and prior versions. The vulnerability exists because the User::getRecentElements() method is using the unserialize() function with a preference value that can be arbitrarily manipulated by malicious users through the REST API interface, and this can be exploited to inject arbitrary PHP objects into the application scope, allowing an attacker to perform a variety of attacks (including but not limited to Remote Code Execution). Se ha descubierto un problema en Enalean Tuleap en versiones 9.6 y anteriores. La vulnerabilidad existe debido a que el método User::getRecentElements() está empleando la función unserialize() con un valor de preferencia que puede ser manipulado de forma arbitraria por usuarios maliciosos mediante la interfaz REST de API. Esto puede ser explotado para inyectar objetos PHP arbitrarios en el ámbito de la aplicación, lo que permite que un atacante realice una serie de ataques (incluyendo, pero no limitados a la ejecución remota de código). • https://www.exploit-db.com/exploits/43374 http://karmainsecurity.com/KIS-2017-02 http://packetstormsecurity.com/files/144716/Tuleap-9.6-Second-Order-PHP-Object-Injection.html http://seclists.org/fulldisclosure/2017/Oct/53 http://www.openwall.com/lists/oss-security/2017/10/23/3 https://tuleap.net/plugins/tracker/?aid=10118 • CWE-94: Improper Control of Generation of Code ('Code Injection') •