VYPR
High severity8.8OSV Advisory· Published Mar 1, 2018· Updated Jun 17, 2026

CVE-2018-7634

CVE-2018-7634

Description

An issue was discovered in Enalean Tuleap 9.17. Lack of CSRF attack mitigation while changing an e-mail address makes it possible to abuse the functionality by attackers. By making a CSRF attack, an attacker could make a victim change his registered e-mail address on the application, leading to account takeover.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Enalean/TuleapOSV2 versions
    (expand)+ 1 more
    • (no CPE)
    • (no CPE)range: 9.17

Patches

Vulnerability mechanics

References

5

News mentions

0

No linked articles in our index yet.