An issue was discovered in Enalean Tuleap before 10.5. Reset password links are not invalidated after a user changes its password.
oryginał ENCVSS Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HEnalean Tuleap
APPEnalean< 10.5
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
CWE
Referencje
Powiązane podatności
CVE-2018-7538CRITICAL9.8ten sam produkt
A SQL injection vulnerability in the tracker functionality of Enalean Tuleap software engineering platform bef...
CVE-2024-30246HIGH7.6ten sam produkt
Tuleap is an Open Source Suite to improve management of software developments and collaboration. A malicious u...
CVE-2022-31058HIGH7.2ten sam produkt
Tuleap is a Free & Open Source Suite to improve management of software developments and collaboration. In vers...
CVE-2021-43806HIGH8.8ten sam produkt
Tuleap is a Libre and Open Source tool for end to end traceability of application and system developments. In ...
CVE-2021-41154HIGH8.8ten sam produkt
Tuleap is a Free & Open Source Suite to improve management of software developments and collaboration. In affe...