An issue was discovered in Enalean Tuleap before 10.5. Reset password links are not invalidated after a user changes its password.
CVSS Score
9.8
EPSS Score
0.004
Published
2018-09-21
A SQL injection vulnerability in the tracker functionality of Enalean Tuleap software engineering platform before 9.18 allows attackers to execute arbitrary SQL commands.
CVSS Score
9.8
EPSS Score
0.125
Published
2018-03-12