CVE-2025-27156 | Enalean Tuleap Community Edition/Tuleap Enterprise Edition HTML Email HTML injection (GHSA-x2v2-xr59-c9cf)

Posted by Angelo Barbosa | Mar 4, 2025 | CVE

A vulnerability was found in Enalean Tuleap Community Edition and Tuleap Enterprise Edition. It has been rated as problematic. Affected by this issue is some unknown functionality of the component HTML Email Handler. The manipulation leads to HTML injection.

This vulnerability is handled as CVE-2025-27156. The attack may be launched remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2025-27156 | Enalean Tuleap Community Edition/Tuleap Enterprise Edition HTML Email HTML injection (GHSA-x2v2-xr59-c9cf)

Related Posts

CVE-2024-25966 | Dell PowerScale OneFS up to 9.3.0.0/9.4.0.17/9.5.0.7/9.7.0.1/9.7.0.2 unexpected data type (dsa-2024-163)

CVE-2023-48427 | Siemens SINEC INS up to 1.0 SP2 Update 1 UMC Server certificate validation (ssa-077170)

CVE-2024-9170 | Booster for WooCommerce Plugin up to 7.2.3 on WordPress Shortcode wcj_product_meta cross site scripting

CVE-2023-42022 | IBM InfoSphere Information Server 11.7 Web UI cross site scripting (XFDB-265938)