Template for creating a security advisory in the Requests tracker
Summary: Short description of what the vulnerability is and the impacted component
Internal information: tick the security checkbox
Original Submission: (elements between * should be replaced)
*Extended description of the issue*
### Impact
*Description of what can happen if the vulnerability is exploited*
CVSSv3.1 score: *X.X* (CVSS:3.1/*CVSS vector string*)
### Exploitation
*If possible/applicable, a short reproducer of the vulnerability*
### References
[CWE *CWE ID*](https://cwe.mitre.org/data/definitions/*CWE ID*.html)
*Other relevant information regarding the issue (e.g. OWASP guide), the goal is to provide more context to Tuleap
maintainers about the issue*
CVE ID pending *(to be replaced once the CVE ID has been assigned)*
### Acknowledgements
*Section to be completed with the information provided by the third party reporter if they want to be credited*
Severity: use the CVSS score as a guideline for the severity: Low if under 3.9, Medium if under 7.0, High if higher or equal than 7.0
Disclosure Date: set it to the expected disclosure date (you will receive a reminder the day before)
Permissions on artifact: enable it and restrict access to the Enalean user group