Unrated severityNVD Advisory· Published Oct 14, 2024· Updated Oct 15, 2024
Tuleap does not properly check permissions for email notifications in trackers
CVE-2024-46988
Description
Tuleap is a tool for end to end traceability of application and system developments. Prior to Tuleap Community Edition 15.13.99.40, Tuleap Enterprise Edition 15.13-3, and Tuleap Enterprise Edition 15.12-6, users might receive email notification with information they should not have access to. Tuleap Community Edition 15.13.99.40, Tuleap Enterprise Edition 15.13-3, and Tuleap Enterprise Edition 15.12-6 fix this issue.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3- Range: <15.13.99.40
- Range: <15.13-3 or <15.12-6 (both affected)
Patches
Vulnerability mechanics
References
2- github.com/Enalean/tuleap/security/advisories/GHSA-g76g-hc92-96xwmitrex_refsource_CONFIRM
- tuleap.net/plugins/tracker/mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.