Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
jetbrains youtrack vulnerabilities and exploits
(subscribe to this query)
4
CVSSv2
CVE-2022-24343
In JetBrains YouTrack prior to 2021.4.31698, a custom logo could be set by a user who has read-only permissions.
Jetbrains Youtrack
3.5
CVSSv2
CVE-2022-24344
JetBrains YouTrack prior to 2021.4.31698 was vulnerable to stored XSS on the Notification templates page.
Jetbrains Youtrack
3.5
CVSSv2
CVE-2022-24347
JetBrains YouTrack prior to 2021.4.36872 was vulnerable to stored XSS via a project icon.
Jetbrains Youtrack
7.5
CVSSv2
CVE-2022-24442
JetBrains YouTrack prior to 2021.4.40426 was vulnerable to SSTI (Server-Side Template Injection) via FreeMarker templates.
Jetbrains Youtrack
1 Github repository
6.8
CVSSv2
CVE-2021-25765
In JetBrains YouTrack prior to 2020.4.4701, CSRF via attachment upload was possible.
Jetbrains Youtrack
5
CVSSv2
CVE-2021-25767
In JetBrains YouTrack prior to 2020.6.1767, an issue's existence could be disclosed via YouTrack command execution.
Jetbrains Youtrack
5
CVSSv2
CVE-2021-25769
In JetBrains YouTrack prior to 2020.4.6808, the YouTrack administrator wasn't able to access attachments.
Jetbrains Youtrack
5
CVSSv2
CVE-2020-25209
In JetBrains YouTrack prior to 2020.3.6638, improper access control for some subresources leads to information disclosure via the REST API.
Jetbrains Youtrack
NA
CVE-2023-38068
In JetBrains YouTrack prior to 2023.1.16597 captcha was not properly validated for Helpdesk forms
Jetbrains Youtrack
NA
CVE-2023-35053
In JetBrains YouTrack prior to 2023.1.10518 a DoS attack was possible via Helpdesk forms
Jetbrains Youtrack
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4040
privilege escalation
CVE-2024-4112
CVE-2024-32872
man-in-the-middle
CVE-2024-32788
bypass
CVE-2024-3400
CVE-2024-28976
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »