CVE-2024-30246

Name of the Vulnerable Software and Affected Versions Tuleap Community Edition versions prior to 15.7.99.6 Tuleap Enterprise Edition versions prior to 15.7-2, 15.6-5, 15.5-6, 15.4-8, 15.3-6, 15.2-5, 15.1-9, 15.0-9, and 14.12-6

Description A malicious user could exploit this issue to delete information on the instance or possibly gain access to restricted artifacts. Information from the Date, File, Float, Int, List, OpenList, Text, and Permissions on artifact fields can be impacted, which can lead to the disclosure of restricted information.

Recommendations For Tuleap Community Edition versions prior to 15.7.99.6, update to version 15.7.99.6 or later. For Tuleap Enterprise Edition versions prior to 15.7-2, update to version 15.7-2 or later. For Tuleap Enterprise Edition versions prior to 15.6-5, update to version 15.6-5 or later. For Tuleap Enterprise Edition versions prior to 15.5-6, update to version 15.5-6 or later. For Tuleap Enterprise Edition versions prior to 15.4-8, update to version 15.4-8 or later. For Tuleap Enterprise Edition versions prior to 15.3-6, update to version 15.3-6 or later. For Tuleap Enterprise Edition versions prior to 15.2-5, update to version 15.2-5 or later. For Tuleap Enterprise Edition versions prior to 15.1-9, update to version 15.1-9 or later. For Tuleap Enterprise Edition versions prior to 15.0-9, update to version 15.0-9 or later. For Tuleap Enterprise Edition versions prior to 14.12-6, update to version 14.12-6 or later.