从这个网页截图中,可以获取到以下关于漏洞的关键信息: 1. 漏洞描述: - 标题:XSS in the HTML mail content of the cross reference field - 描述:Content of cross reference field is not properly escaped in mail notifications. 2. 影响: - 描述:A site administrator could create an artifact link type with a forward label allowing to execute uncontrolled code (or at least achieve content injection) in a mail client. - CVSSv3.1 score:4.8 (AV:N/AC:L/PR:H/UI:R/S:C/N/I:L/A:L) 3. 参考: - CWE:79 - OWASP Cross-site Scripting - CVE-2024-46980 4. 状态: - 状态:Closed - 关闭日期:2024-09-17 5. 关联的补丁: - 补丁ID:rel #37898 - 项目:Tuleap - 版本:16.0 - 状态:Delivered - 提交时间:2024-10-09 15:47 - 提交者:Manuel Vacelet (vaceletm) 6. 引用: - 引用请求:#39689 - Git提交: - 提交ID:dd94a79998 - 提交者:Thomas Gerbet (tgerbet) - 提交时间:28天前 - 描述:fix: request #39689 XSS in the HTML mail content of the cross reference field 这些信息提供了关于漏洞的详细描述、影响、参考、状态、关联的补丁以及引用请求的详细信息。