Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
youtrack vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2019-12866
An Insecure Direct Object Reference, with Authorization Bypass through a User-Controlled Key, was possible in JetBrains YouTrack. The issue was fixed in 2018.4.49168.
Jetbrains Youtrack
7.5
CVSSv2
CVE-2019-12867
Certain actions could cause privilege escalation for issue attachments in JetBrains YouTrack. The issue was fixed in 2018.4.49168.
Jetbrains Youtrack
4.3
CVSSv2
CVE-2019-16171
In JetBrains YouTrack up to and including 2019.2.56594, stored XSS was found on the issue page.
Jetbrains Youtrack
4
CVSSv2
CVE-2022-24343
In JetBrains YouTrack prior to 2021.4.31698, a custom logo could be set by a user who has read-only permissions.
Jetbrains Youtrack
3.5
CVSSv2
CVE-2022-24344
JetBrains YouTrack prior to 2021.4.31698 was vulnerable to stored XSS on the Notification templates page.
Jetbrains Youtrack
3.5
CVSSv2
CVE-2022-24347
JetBrains YouTrack prior to 2021.4.36872 was vulnerable to stored XSS via a project icon.
Jetbrains Youtrack
7.5
CVSSv2
CVE-2022-24442
JetBrains YouTrack prior to 2021.4.40426 was vulnerable to SSTI (Server-Side Template Injection) via FreeMarker templates.
Jetbrains Youtrack
1 Github repository
3.5
CVSSv2
CVE-2021-43184
In JetBrains YouTrack prior to 2021.3.21051, stored XSS is possible.
Jetbrains Youtrack
3.5
CVSSv2
CVE-2021-43186
JetBrains YouTrack prior to 2021.3.24402 is vulnerable to stored XSS.
Jetbrains Youtrack
NA
CVE-2023-35053
In JetBrains YouTrack prior to 2023.1.10518 a DoS attack was possible via Helpdesk forms
Jetbrains Youtrack
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-30310
CVE-2024-21683
CVE-2024-22187
chrome
deserialization
XPath injection
CVE-2024-27842
denial of service
CVE-2024-24851
google
CVE-2024-35400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »