关键信息 漏洞标题 Missing CSRF protections on artifact submission & edition from the tracker view 严重性 Moderate CVSS v3 base metrics: 4.6 / 10 影响 Impact: An attacker could use this vulnerability to trick victims into submitting or editing artifacts or follow-up comments. 受影响版本 Tuleap Community Edition (tuleap): < 16.5.99.1741784483 Tuleap Enterprise Edition (tuleap): - < 16.5-3 - < 16.4-8 修复版本 Tuleap Community Edition: 16.5.99.1741784483 Tuleap Enterprise Edition: - 16.5-3 - 16.4-8 CVE ID CVE-2025-29766 弱点 CWE-352 参考链接 request #42208 Missing CSRF protections on artifact submission & edition from the tracker view 81f4533 https://tuleap.net/plugins/git/tuleap/tuleap/stable?a=commit&h=81f45330fdcc1329cc71eddf4d04b80c340b3b93