CVE-2023-35929

Tuleap Cross-site Scripting vulnerability in the card field of the agile dashboard apps

Severity Score

5.4

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

Track*

*SSVC

Descriptions

Tuleap is a free and open source suite to improve management of software development and collaboration. Prior to version 14.10.99.4 of Tuleap Community Edition and prior to versions 14.10-2 and 14.9-5 of Tuleap Enterprise Edition, content displayed in the "card fields" (visible in the kanban and PV2 apps) is not properly escaped. A malicious user with the capability to create an artifact or to edit a field used as a card field could force victim to execute uncontrolled code. Tuleap Community Edition 14.10.99.4, Tuleap Enterprise Edition 14.10-2, and Tuleap Enterprise Edition 14.9-5 contain a fix.

*Credits: N/A

CVSS Scores

NISTv3.1 5.4

Attack Vector

Network

Attack Complexity

Low

Privileges Required

Low

User Interaction

Required

Scope

Changed

Confidentiality

Low

Integrity

Low

Availability

None

* Common Vulnerability Scoring System

SSVC

Decision:Track*

Exploitation

Poc

Automatable

Tech. Impact

Partial

* Organization's Worst-case Scenario

Timeline

2023-06-20 CVE Reserved
2023-07-25 CVE Published
2024-07-31 EPSS Updated
2024-10-23 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CAPEC

References (4)

URL	Tag	Source

URL	Date	SRC

URL	Date	SRC
https://github.com/Enalean/tuleap/commit/0b2945fbd260d37aa0aff2ca1c867d160f76188d	2023-08-02
https://tuleap.net/plugins/git/tuleap/tuleap/stable?a=commit&h=0b2945fbd260d37aa0aff2ca1c867d160f76188d	2023-08-02

URL	Date	SRC
https://github.com/Enalean/tuleap/security/advisories/GHSA-xhjp-4rjf-q268	2023-08-02
https://tuleap.net/plugins/tracker/?aid=32629	2023-08-02

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Enalean Search vendor "Enalean"		Tuleap Search vendor "Enalean" for product "Tuleap"				< 14.9-5 Search vendor "Enalean" for product "Tuleap" and version " < 14.9-5"		enterprise		Affected
Enalean Search vendor "Enalean"		Tuleap Search vendor "Enalean" for product "Tuleap"				< 14.10.99.4 Search vendor "Enalean" for product "Tuleap" and version " < 14.10.99.4"		community		Affected
Enalean Search vendor "Enalean"		Tuleap Search vendor "Enalean" for product "Tuleap"				>= 14.10 < 14.10-2 Search vendor "Enalean" for product "Tuleap" and version " >= 14.10 < 14.10-2"		enterprise		Affected