Tuleap is an application lifecycle management (ALM) platform. It has features like project management, issue tracking, test management, document management etc. Tuleap used by well known/big companies like Airbus, Eclipse, Sodern etc. (according to the site). HERE is a link about its features.
I ‘ve found simple yet critical CSRF vulnerability on mail change function. The vulnerability leads to account takeover. Below there is a POC video. CVE-2018-7634 has assigned to the vulnerability.
Here is the fix code reference, If you want to review.
https://github.com/Enalean/tuleap/commit/0843c046eee54b16ec6a7753c575838212770189
https://tuleap.net/plugins/tracker/?aid=11217