Описание
Tuleap Open ALM is a Libre and Open Source tool for end to end traceability of application and system developments. The title of an artifact is not properly escaped in the tooltip. A malicious user with the capability to create an artifact or to edit a field title could force victim to execute uncontrolled code. This issue has been patched in version 14.7.99.143.
Ссылки
- Patch
- PatchVendor Advisory
- Patch
- PatchVendor Advisory
- Patch
- PatchVendor Advisory
- Patch
- PatchVendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия от 14.7.99.76 (включая) до 14.7.99.143 (исключая)
cpe:2.3:a:enalean:tuleap:*:*:*:*:community:*:*:*
EPSS
Процентиль: 67%
0.00528
Низкий
5.4 Medium
CVSS3
Дефекты
CWE-79
CWE-79
EPSS
Процентиль: 67%
0.00528
Низкий
5.4 Medium
CVSS3
Дефекты
CWE-79
CWE-79