CVE-2024-46980

Tuleap is a tool for end to end traceability of application and system developments. Prior to Tuleap Community Edition 15.13.99.37, Tuleap Enterprise Edition 15.13-3, and Tuleap Enterprise Edition 15.12-6, a site administrator could create an artifact link type with a forward label allowing them to execute uncontrolled code (or at least achieve content injection) in a mail client. Tuleap Community Edition 15.13.99.37, Tuleap Enterprise Edition 15.13-3, and Tuleap Enterprise Edition 15.12-6 fix this issue.

CVSS v3 4.8 MEDIUM

4.8^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 1.7 / Impact : 2.7

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required HIGH

User Interaction REQUIRED

Confidentiality Impact NONE

Integrity Impact LOW

Availability Impact LOW

Scope CHANGED

References

Link	Resource
https://github.com/Enalean/tuleap/commit/dd94a799982cd78ab06142008d745edf9e8fd494	Patch
https://github.com/Enalean/tuleap/security/advisories/GHSA-9fc9-47h6-82jj	Third Party Advisory
https://tuleap.net/plugins/git/tuleap/tuleap/stable?a=commit&h=dd94a799982cd78ab06142008d745edf9e8fd494	Issue Tracking Patch
https://tuleap.net/plugins/tracker/?aid=39689	Exploit Third Party Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:enalean:tuleap:::::enterprise:::*
	cpe:2.3:a:enalean:tuleap:::::community:::*
	cpe:2.3:a:enalean:tuleap:::::enterprise:::*

History

No history.

Information

Published : 2024-10-14 18:15

Updated : 2024-10-16 14:05

NVD link : CVE-2024-46980

Mitre link : CVE-2024-46980

CVE.ORG link : CVE-2024-46980

JSON object : View

Products Affected

enalean

tuleap

CWE

CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

{"id": "CVE-2024-46980", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "security-advisories@github.com", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 4.8, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:N/I:L/A:L", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "HIGH", "confidentialityImpact": "NONE"}, "impactScore": 2.7, "exploitabilityScore": 1.7}, {"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 4.8, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "HIGH", "confidentialityImpact": "LOW"}, "impactScore": 2.7, "exploitabilityScore": 1.7}]}, "published": "2024-10-14T18:15:03.947", "references": [{"url": "https://github.com/Enalean/tuleap/commit/dd94a799982cd78ab06142008d745edf9e8fd494", "tags": ["Patch"], "source": "security-advisories@github.com"}, {"url": "https://github.com/Enalean/tuleap/security/advisories/GHSA-9fc9-47h6-82jj", "tags": ["Third Party Advisory"], "source": "security-advisories@github.com"}, {"url": "https://tuleap.net/plugins/git/tuleap/tuleap/stable?a=commit&h=dd94a799982cd78ab06142008d745edf9e8fd494", "tags": ["Issue Tracking", "Patch"], "source": "security-advisories@github.com"}, {"url": "https://tuleap.net/plugins/tracker/?aid=39689", "tags": ["Exploit", "Third Party Advisory"], "source": "security-advisories@github.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "security-advisories@github.com", "description": [{"lang": "en", "value": "CWE-79"}]}], "descriptions": [{"lang": "en", "value": "Tuleap is a tool for end to end traceability of application and system developments. Prior to Tuleap Community Edition 15.13.99.37, Tuleap Enterprise Edition 15.13-3, and Tuleap Enterprise Edition 15.12-6, a site administrator could create an artifact link type with a forward label allowing them to execute uncontrolled code (or at least achieve content injection) in a mail client. Tuleap Community Edition 15.13.99.37, Tuleap Enterprise Edition 15.13-3, and Tuleap Enterprise Edition 15.12-6 fix this issue."}, {"lang": "es", "value": "Tuleap es una herramienta para la trazabilidad de extremo a extremo de desarrollos de aplicaciones y sistemas. Antes de Tuleap Community Edition 15.13.99.37, Tuleap Enterprise Edition 15.13-3 y Tuleap Enterprise Edition 15.12-6, un administrador de sitio pod\u00eda crear un tipo de enlace de artefacto con una etiqueta de reenv\u00edo que le permitiera ejecutar c\u00f3digo no controlado (o al menos lograr la inyecci\u00f3n de contenido) en un cliente de correo. Tuleap Community Edition 15.13.99.37, Tuleap Enterprise Edition 15.13-3 y Tuleap Enterprise Edition 15.12-6 solucionan este problema."}], "lastModified": "2024-10-16T14:05:27.090", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:enalean:tuleap:*:*:*:*:enterprise:*:*:*", "vulnerable": true, "matchCriteriaId": "28A2E98A-A185-4019-B306-C439838FA151", "versionEndExcluding": "15.12-6"}, {"criteria": "cpe:2.3:a:enalean:tuleap:*:*:*:*:community:*:*:*", "vulnerable": true, "matchCriteriaId": "25160A21-0C61-41A4-95C4-6632A50260A9", "versionEndExcluding": "15.13.99.37"}, {"criteria": "cpe:2.3:a:enalean:tuleap:*:*:*:*:enterprise:*:*:*", "vulnerable": true, "matchCriteriaId": "F685DF7C-1CA2-449B-84D5-7E8583E9958F", "versionEndExcluding": "15.13-3", "versionStartIncluding": "15.13-0"}], "operator": "OR"}]}], "sourceIdentifier": "security-advisories@github.com"}