SQL injection via the field name of a tracker
Package                      Affected versions    Patched versions
Tuleap Community Edition     < 13.9.99.95         13.9.99.95
(tuleap)
Tuleap Enterprise Edition    < 13.9-3             13.9-3
(tuleap)                     < 13.8-6             13.8-6
Tuleap does not properly sanitize user input when constructing the SQL query that retrieves data for tracker reports.
Impact
An attacker with the capability to create a new tracker can execute arbitrary SQL queries.
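The pattern behind this advisory, as an added example that is not Tuleap's own code: a report query that splices a user-supplied field name into the SQL text, beside a hardened builder that accepts only names present in the real schema and quotes them as identifiers. The table, column names and sample rows are constructed, and sqlite3 stands in for the MySQL backend Tuleap uses.

```python
import sqlite3

# Constructed sample schema standing in for a tracker's artifact table.
SCHEMA = """
CREATE TABLE tracker_artifact (id INTEGER PRIMARY KEY, summary TEXT, status TEXT);
INSERT INTO tracker_artifact VALUES (1, 'Fix login bug', 'open'),
                                    (2, 'Write release notes', 'closed');
"""


def open_db() -> sqlite3.Connection:
    conn = sqlite3.connect(":memory:")
    conn.executescript(SCHEMA)
    return conn


def build_report_query_unsafe(field_name: str) -> str:
    # Vulnerable pattern: the field name is pasted straight into the SQL text.
    # Identifiers cannot be bound as parameters, so a '?' placeholder is no fix here.
    return f"SELECT {field_name} FROM tracker_artifact"


def build_report_query_safe(conn: sqlite3.Connection, field_name: str) -> str:
    # Hardened pattern: allowlist the name against the columns that actually exist,
    # then quote it as an identifier (MySQL would use backticks instead of double quotes).
    columns = {row[1] for row in conn.execute("PRAGMA table_info(tracker_artifact)")}
    if field_name not in columns:
        raise ValueError(f"unknown tracker field: {field_name!r}")
    quoted = '"' + field_name.replace('"', '""') + '"'
    return f"SELECT {quoted} FROM tracker_artifact"


def run_report(field_name: str) -> list:
    # Report values for one field, via the hardened builder.
    conn = open_db()
    return [row[0] for row in conn.execute(build_report_query_safe(conn, field_name))]


def unsafe_column_count(field_name: str) -> int:
    # How many columns the unsafe query returns: more than one means the caller's
    # "field name" was executed as extra SQL rather than treated as a single identifier.
    cur = open_db().execute(build_report_query_unsafe(field_name))
    return len(cur.description)


def safe_rejects(field_name: str) -> bool:
    # True when the hardened builder refuses the supplied name.
    try:
        build_report_query_safe(open_db(), field_name)
    except ValueError:
        return True
    return False
```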
Patches
The versions listed under Patched versions above contain the fix.
For more information
If you have any questions or comments about this advisory, reach out to us via the contact information provided on the Tuleap.org security page.
References