Description

Tuleap is a tool for end to end traceability of application and system developments. Prior to Tuleap Community Edition 15.13.99.110, Tuleap Enterprise Edition 15.13-5, and Tuleap Enterprise Edition 15.12-5, administrators of a project can access the content of trackers with permissions restrictions of project they are members of but not admin via the cross tracker search widget. Tuleap Community Edition 15.13.99.110, Tuleap Enterprise Edition 15.13-5, and Tuleap Enterprise Edition 15.12-8 fix this issue.

INFO

Published Date :

2024-10-14T17:53:55.763Z

Last Modified :

2024-10-15T15:37:35.456Z

Source :

GitHub_M
AFFECTED PRODUCTS

The following products are affected by CVE-2024-47766 vulnerability.

Vendors Products
Enalean
  • Tuleap
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2024-47766.

URL Resource
https://github.com/Enalean/tuleap/commit/529d11b70796589767dd27a40ebadf3eaf8f5674 cve-icon cve-icon
https://github.com/Enalean/tuleap/security/advisories/GHSA-qfrh-fv84-93hx cve-icon cve-icon
https://tuleap.net/plugins/git/tuleap/tuleap/stable?a=commit&h=529d11b70796589767dd27a40ebadf3eaf8f5674 cve-icon cve-icon
https://tuleap.net/plugins/tracker/?aid=39736 cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact