Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
jetbrains youtrack vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2019-16171
In JetBrains YouTrack up to and including 2019.2.56594, stored XSS was found on the issue page.
Jetbrains Youtrack
5.3
CVSSv3
CVE-2020-27624
JetBrains YouTrack prior to 2020.3.888 was vulnerable to SSRF.
Jetbrains Youtrack
5.3
CVSSv3
CVE-2020-27626
JetBrains YouTrack prior to 2020.3.5333 was vulnerable to SSRF.
Jetbrains Youtrack
5.4
CVSSv3
CVE-2022-28650
In JetBrains YouTrack prior to 2022.1.43700 it was possible to inject JavaScript into Markdown in the YouTrack Classic UI
Jetbrains Youtrack
7.5
CVSSv3
CVE-2020-11693
JetBrains YouTrack prior to 2020.1.659 was vulnerable to DoS that could be caused by attaching a malformed TIFF file to an issue.
Jetbrains Youtrack
8.8
CVSSv3
CVE-2021-25765
In JetBrains YouTrack prior to 2020.4.4701, CSRF via attachment upload was possible.
Jetbrains Youtrack
9.8
CVSSv3
CVE-2022-24442
JetBrains YouTrack prior to 2021.4.40426 was vulnerable to SSTI (Server-Side Template Injection) via FreeMarker templates.
Jetbrains Youtrack
1 Github repository
7.5
CVSSv3
CVE-2020-25209
In JetBrains YouTrack prior to 2020.3.6638, improper access control for some subresources leads to information disclosure via the REST API.
Jetbrains Youtrack
5.3
CVSSv3
CVE-2020-25210
In JetBrains YouTrack prior to 2020.3.7955, an attacker could access workflow rules without appropriate access grants.
Jetbrains Youtrack
7.5
CVSSv3
CVE-2021-31905
In JetBrains YouTrack prior to 2020.6.8801, information disclosure in an issue preview was possible.
Jetbrains Youtrack
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
client side
CVE-2023-31889
template injection
CVE-2024-4304
CVE-2006-4304
CVE-2024-33272
type confusion
CVE-2024-21345
CVE-2024-33271
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »