CVE-2022-24896

Published
View on NVD ↗
CVSS v3
4.3
MEDIUM
CVSS v2
4
MEDIUM
Affected
1
PROJECT

Description

Tuleap is a Free & Open Source Suite to manage software developments and collaboration. In versions prior to 13.7.99.239 Tuleap does not properly verify authorizations when displaying the content of tracker report renderer and chart widgets. Malicious users could use this vulnerability to retrieve the name of a tracker they cannot access as well as the name of the fields used in reports.

Enalean/tuleap
Enalean/tuleapUNAVAILABLE
Tuleap is an Open Source Suite to improve management of software developments and collaboration. With a single web-based solution, project managers, developers & quality managers can easily build, deploy software projects.
GitHubGitHub
1.12K