Public CVE-2018-6623 disclosure

A SQL injection vulnerability in the tracker functionality of Enalean Tuleap software engineering platform before 9.18 allows attackers to execute arbitrary SQL commands.