Vulnerabilidades em Enalean
62 resultadosCVE-2024-39902MEDIUMTuleap's recursive permissions to document manager folder are not properly appliedEPSS 0.3%CVE-2025-53902MEDIUMTuleap exposes artifacts to a mentioned user via email notificationsEPSS 0.3%CVE-2025-30155MEDIUMTuleap does not enforce read permissions on parent trackers in the REST APIEPSS 0.3%CVE-2025-27099MEDIUMTuleap allows XSS via the tracker names used in the semantic timeframe deletion messageEPSS 0.3%CVE-2025-52899MEDIUMTuleap vulnerable to user enumeration via the lost password formEPSS 0.3%CVE-2025-54877MEDIUMTuleap's special and always there fields permissions are not verified in cross-tracker searchEPSS 0.3%CVE-2025-30203MEDIUMTuleap allows XSS via the content of RSS feeds in the RSS widgetsEPSS 0.3%CVE-2025-27156MEDIUMTuleap allows content injection via emails sent by the mass emailing featuresEPSS 0.2%CVE-2025-64497MEDIUMTuleap exposes releases for all projects to File Release System project administratorsEPSS 0.2%CVE-2025-53541MEDIUMTuleap is vulnerable to XSS attacks when displaying the children of a parent artifactEPSS 0.2%CVE-2025-29766MEDIUMTuleap has missing CSRF protections on artifact submission & edition from the tracker viewEPSS 0.2%CVE-2025-29929MEDIUMTuleap is missing CSRF protection on tracker hierarchy administrationEPSS 0.2%CVE-2025-27402MEDIUMTuleap is missing CSRF protections on tracker fields administrative operationsEPSS 0.2%CVE-2025-50179MEDIUMTuleap missing CSRF protection on tracker reports manipulationEPSS 0.1%CVE-2025-48991MEDIUMTuleap missing CSRF protection on tracker canned responses administrationEPSS 0.1%CVE-2026-24007MEDIUMTuleap is missing CSRF protection in the Overview inconsistent itemsEPSS 0.1%CVE-2025-65962MEDIUMTuleap has missing CSRF protections its in tracker field dependenciesEPSS 0.1%CVE-2025-64498MEDIUMTuleap has a Cross-Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2025-64760MEDIUMTuleap has missing CSRF protections in its tracker trigger management systemEPSS 0.1%CVE-2025-64499MEDIUMTuleap is missing CSRF protections for its planning management APIEPSS 0.1%