
Vulnerability Details CVE-2023-35929

Tuleap is a free and open source suite to improve management of software development and collaboration. Prior to version 14.10.99.4 of Tuleap Community Edition and prior to versions 14.10-2 and 14.9-5 of Tuleap Enterprise Edition, content displayed in the "card fields" (visible in the kanban and PV2 apps) is not properly escaped. A malicious user with the capability to create an artifact or to edit a field used as a card field could force a victim to execute uncontrolled code. Tuleap Community Edition 14.10.99.4, Tuleap Enterprise Edition 14.10-2, and Tuleap Enterprise Edition 14.9-5 contain a fix.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 61.3%
CVSS Severity
CVSS v3 Score 5.4
Products affected by CVE-2023-35929
  • Enalean » Tuleap » Version: N/A
    cpe:2.3:a:enalean:tuleap:-
  • Enalean » Tuleap » Version: 11.15-1
    cpe:2.3:a:enalean:tuleap:11.15-1
  • Enalean » Tuleap » Version: 11.15-8
    cpe:2.3:a:enalean:tuleap:11.15-8
  • Enalean » Tuleap » Version: 11.16-1
    cpe:2.3:a:enalean:tuleap:11.16-1
  • Enalean » Tuleap » Version: 11.16-6
    cpe:2.3:a:enalean:tuleap:11.16-6
  • Enalean » Tuleap » Version: 11.16-7
    cpe:2.3:a:enalean:tuleap:11.16-7
  • Enalean » Tuleap » Version: 11.16.99.173
    cpe:2.3:a:enalean:tuleap:11.16.99.173
  • Enalean » Tuleap » Version: 11.17-1
    cpe:2.3:a:enalean:tuleap:11.17-1
  • Enalean » Tuleap » Version: 11.17-5
    cpe:2.3:a:enalean:tuleap:11.17-5
  • Enalean » Tuleap » Version: 11.17.99.144
    cpe:2.3:a:enalean:tuleap:11.17.99.144
  • Enalean » Tuleap » Version: 11.17.99.146
    cpe:2.3:a:enalean:tuleap:11.17.99.146
  • Enalean » Tuleap » Version: 12.10
    cpe:2.3:a:enalean:tuleap:12.10
  • Enalean » Tuleap » Version: 12.11-2
    cpe:2.3:a:enalean:tuleap:12.11-2
  • Enalean » Tuleap » Version: 12.9.99.228
    cpe:2.3:a:enalean:tuleap:12.9.99.228
  • Enalean » Tuleap » Version: 13.12-6
    cpe:2.3:a:enalean:tuleap:13.12-6
  • Enalean » Tuleap » Version: 13.6-5
    cpe:2.3:a:enalean:tuleap:13.6-5
  • Enalean » Tuleap » Version: 13.7-1
    cpe:2.3:a:enalean:tuleap:13.7-1
  • Enalean » Tuleap » Version: 13.7-4
    cpe:2.3:a:enalean:tuleap:13.7-4
  • Enalean » Tuleap » Version: 13.7.99.239
    cpe:2.3:a:enalean:tuleap:13.7.99.239
  • Enalean » Tuleap » Version: 13.8.99.49
    cpe:2.3:a:enalean:tuleap:13.8.99.49
  • Enalean » Tuleap » Version: 14.0
    cpe:2.3:a:enalean:tuleap:14.0
  • Enalean » Tuleap » Version: 14.0-3
    cpe:2.3:a:enalean:tuleap:14.0-3
  • Enalean » Tuleap » Version: 14.0.99.24
    cpe:2.3:a:enalean:tuleap:14.0.99.24
  • Enalean » Tuleap » Version: 14.10
    cpe:2.3:a:enalean:tuleap:14.10
  • Enalean » Tuleap » Version: 14.4-7
    cpe:2.3:a:enalean:tuleap:14.4-7
  • Enalean » Tuleap » Version: 14.5
    cpe:2.3:a:enalean:tuleap:14.5
  • Enalean » Tuleap » Version: 14.5-2
    cpe:2.3:a:enalean:tuleap:14.5-2
  • Enalean » Tuleap » Version: 14.5.99.4
    cpe:2.3:a:enalean:tuleap:14.5.99.4
  • Enalean » Tuleap » Version: 14.7-7
    cpe:2.3:a:enalean:tuleap:14.7-7
  • Enalean » Tuleap » Version: 14.7.99.143
    cpe:2.3:a:enalean:tuleap:14.7.99.143
  • Enalean » Tuleap » Version: 14.7.99.76
    cpe:2.3:a:enalean:tuleap:14.7.99.76
  • Enalean » Tuleap » Version: 14.8
    cpe:2.3:a:enalean:tuleap:14.8
  • Enalean » Tuleap » Version: 14.8-3
    cpe:2.3:a:enalean:tuleap:14.8-3
  • Enalean » Tuleap » Version: 14.8.99.60
    cpe:2.3:a:enalean:tuleap:14.8.99.60
