← Back to CVE List

CVE-2024-46980

Published: 2024-10-14T18:15Z
Last Modified: 2024-10-16T14:05Z
Source: MITRE CVE List
License: MITRE-CVE-TOS
Tuleap is a tool for end to end traceability of application and system developments. Prior to Tuleap Community Edition 15.13.99.37, Tuleap Enterprise Edition 15.13-3, and Tuleap Enterprise Edition 15.12-6, a site administrator could create an artifact link type with a forward label allowing them to execute uncontrolled code (or at least achieve content injection) in a mail client. Tuleap Community Edition 15.13.99.37, Tuleap Enterprise Edition 15.13-3, and Tuleap Enterprise Edition 15.12-6 fix this issue. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt