PT-2025-26830 · Unknown · Tuleap Community Edition+1

Tgerbet

+1

·

Published

2025-06-25

·

Updated

2025-06-25

·

CVE-2025-48991

CVSS v3.1

4.6

Medium

VectorAV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:L
Name of the Vulnerable Software and Affected Versions: Tuleap Community Edition versions prior to 16.8.99.1748845907 Tuleap Enterprise Edition versions prior to 16.8-3 Tuleap Enterprise Edition versions prior to 16.7-5
Description: An attacker could use a vulnerability present in Tuleap to trick victims into changing the canned responses.
Recommendations: For Tuleap Community Edition versions prior to 16.8.99.1748845907, update to version 16.8.99.1748845907 or later. For Tuleap Enterprise Edition versions prior to 16.8-3, update to version 16.8-3 or later. For Tuleap Enterprise Edition versions prior to 16.7-5, update to version 16.7-5 or later.

Exploit

Fix

CSRF

Weakness Enumeration

CWE-352

Related Identifiers

CVE-2025-48991
GHSA-PX9R-875R-W534

Affected Products

Tuleap Community Edition
Tuleap Enterprise Edition