CVE-2025-64498

CVSS v3.1

4.6

Medium

Vector

AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:L

Name of the Vulnerable Software and Affected Versions Tuleap Community Edition versions prior to 17.0.99.1762444754 Tuleap Enterprise Edition versions prior to 17.0-2, 16.13-7 and 16.12-10

Description Tuleap is an Open Source Suite for management of software development and collaboration. Attackers can potentially trick victims into changing tracker general settings.

Recommendations Update Tuleap Community Edition to version 17.0.99.1762444754. Update Tuleap Enterprise Edition to version 17.0-2. Update Tuleap Enterprise Edition to version 16.13-7. Update Tuleap Enterprise Edition to version 16.12-10.

Exploit

Fix

CSRF

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-352

Related Identifiers

CVE-2025-64498

GHSA-VXFH-H8P6-P5RG

Affected Products

Tuleap Community Edition

Tuleap Enterprise Edition

CVE-2025-64498

Weakness Enumeration

Related Identifiers

Affected Products

References · 9