Skip to main content

Public

Project privacy set to public. By default, its content is available to everyone (authenticated or not). Please note that more restrictive permissions might exist on some items.

    •  
      request #41850 Deleting a report can delete criteria filters in other reports
    Actions
    Infos
    #41850
    Marie Ange Garnier (marieange)
    2025-03-04 17:37
    2025-02-18 16:53
    43518
    Details
    Deleting a report can delete criteria filters in other reports

    The deletion of tracker reports delete criteria filters that might not be related to the deleted tracker report.

    Impact

    In a standard usages of Tuleap, the issue have a limited impact, it will mostly leave dangling data. However, a malicious user could create and delete reports multiple times to cycle through all the filters of all reports of the instance and delete them. The malicious user only need to have access to one tracker. This would result in the loss of all criteria filters forcing users and tracker admins to re-create them.

    CVSSv3.1 score: 4.3 (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N)

    Exploitation

    Go to a tracker report and delete it.

    Check in db, you will have leftovers in tables tracker_report_criteria_<type>_value.

    References

    CWE 440
    CVE-2025-27401

    Trackers
    All
    Empty
    • [ ] enhancement
    • [ ] internal improvement
    Empty
    Stage
    Marie Ange Garnier (marieange)
    Closed
    2025-02-25
    Attachments
    Artifact links

    Releases

    Fixed in

    Artifact ID Project Tracker Summary Status Last Update Date Submitted By Assigned to
    rel #41091 Tuleap Releases 16.5 Delivered 2025-02-27 11:44 Manuel Vacelet (vaceletm)
    By Marie Ange Garnier (marieange)
    (11 kB)
    image.png
    References
    Referencing request #41850

    Git commit

    tuleap/tuleap/stable

    fixes request #41850 report criteria leaves leftover when a report is deleted 0070fef5c3
    User avatar Marie Ange Garnier (marieange) , 2025-02-25 09:12
    Merge commit 'refs/changes/35/33535/9' of ssh://gerrit.tuleap.net:29418/tuleap into HEAD b264930331
    User avatar Joris MASSON (jmasson) , 2025-02-25 16:55
    Display settings

    Follow-ups

    User avatar
    Thomas Gerbet (tgerbet)2025-02-27 16:30

    CVE-2025-27401 has been assigned to this issue.

    • Original Submission
      Something went wrong, the follow up content couldn't be loaded
      Only formatting have been changed, you should switch to markup to see the changes
    User avatar
    Thomas Gerbet (tgerbet)2025-02-20 11:44
    • Summary
      -report criteria leaves leftover when a report is deleted 
      +Deleting a report can delete criteria filters in other reports 
    • Original Submission
      Something went wrong, the follow up content couldn't be loaded
      Only formatting have been changed, you should switch to markup to see the changes
    • Status changed from Under implementation to Under review