Enalean · Tuleap · CVE-2018-17298
**Name of the Vulnerable Software and Affected Versions**
Enalean Tuleap versions prior to 10.5
**Description**
An issue was discovered where reset password links are not invalidated after a user changes their password.
**Recommendations**
For versions prior to 10.5, update to version 10.5 or later to resolve the issue.