Tuleap FRS Plugin Improper Permission Handling Vulnerability

Vulnerability

A vulnerability exists in the Tuleap FRS (File Release System) plugin, specifically in the Community and Enterprise Editions, prior to the patched versions. The issue stems from improper permission handling in the REST endpoints, allowing unauthorized access to release notes and related information. This vulnerability can be exploited by accessing specific FRS REST endpoints without the necessary permissions, potentially leading to unauthorized information disclosure.

Impact

Exploitation of this vulnerability allows attackers to access restricted release notes and information through the FRS REST endpoints, bypassing normal permission checks.

Reproduction

To reproduce this vulnerability, send a request to the FRS release notes endpoint for a specific release. The request will succeed even if the user does not have the required permissions to access the release notes, due to the lack of proper permission verification in the endpoint.
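The missing authorization step, as an added Python model of a release-notes handler before and after a fix. This is illustrative code written for this page, not Tuleap's; the package/release reader-group model, the class names and the sample data are assumptions.

```python
from dataclasses import dataclass, field
# Constructed, simplified FRS model (an assumption for illustration, not Tuleap's schema):
# a release belongs to a package; each level lists the user groups allowed to read it.
@dataclass
class Package:
    id: int
    readers: set = field(default_factory=set)

@dataclass
class Release:
    id: int
    package_id: int
    notes: str
    readers: set = field(default_factory=set)  # empty: inherit the package's readers

class Forbidden(Exception):
    """Raised where the REST layer would answer 403."""
class FrsApi:
    def __init__(self, packages, releases):
        self.packages = {p.id: p for p in packages}
        self.releases = {r.id: r for r in releases}

    def release_notes_before(self, user_groups, release_id):
        # Before: notes are returned as soon as the release exists; nobody is checked.
        return self.releases[release_id].notes

    def can_read_release(self, user_groups, release):
        package = self.packages[release.package_id]
        if not user_groups & package.readers:
            return False            # no read permission on the enclosing package
        if release.readers and not user_groups & release.readers:
            return False            # the release restricts readers further
        return True

    def release_notes_after(self, user_groups, release_id):
        release = self.releases.get(release_id)
        # Same answer for "missing" and "not allowed", so the endpoint does not
        # confirm the existence of releases the caller may not see.
        if release is None or not self.can_read_release(user_groups, release):
            raise Forbidden(f"release {release_id} is not accessible")
        return release.notes

# Constructed sample data: one package readable by project members only.
API = FrsApi(
    packages=[Package(10, readers={"project_members"})],
    releases=[Release(100, 10, "Fixes shipped in 2.0")],
)
MEMBER = {"project_members"}
OUTSIDER = {"registered_users"}
```

With the sample data, `API.release_notes_before(OUTSIDER, 100)` returns the notes, while `API.release_notes_after(OUTSIDER, 100)` raises `Forbidden` and only `MEMBER` gets them.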

Remediation

Users can upgrade to Tuleap Community Edition 16.5.99.1742812323 or Tuleap Enterprise Edition 16.5-6 or 16.4-10 to address this vulnerability.

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm
spread: 1.9
impact: 2.5
exploitability: 9.5
remediation: 7.7
relevance: 0.0
threat: 6.4
urgency: 2.9
incentive: 10.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.