Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
jetbrains youtrack vulnerabilities and exploits
(subscribe to this query)
3.5
CVSSv2
CVE-2021-37552
In JetBrains YouTrack prior to 2021.2.17925, stored XSS was possible.
Jetbrains Youtrack
5
CVSSv2
CVE-2021-25766
In JetBrains YouTrack prior to 2020.4.4701, improper resource access checks were made.
Jetbrains Youtrack
5
CVSSv2
CVE-2021-25768
In JetBrains YouTrack prior to 2020.4.4701, permissions for attachments actions were checked improperly.
Jetbrains Youtrack
7.5
CVSSv2
CVE-2021-25770
In JetBrains YouTrack prior to 2020.5.3123, server-side template injection (SSTI) was possible, which could lead to code execution.
Jetbrains Youtrack
2 Github repositories
5
CVSSv2
CVE-2021-25771
In JetBrains YouTrack prior to 2020.6.1099, project information could be potentially disclosed.
Jetbrains Youtrack
3.5
CVSSv2
CVE-2022-24347
JetBrains YouTrack prior to 2021.4.36872 was vulnerable to stored XSS via a project icon.
Jetbrains Youtrack
7.5
CVSSv2
CVE-2021-43185
JetBrains YouTrack prior to 2021.3.23639 is vulnerable to Host header injection.
Jetbrains Youtrack
5
CVSSv2
CVE-2020-25208
In JetBrains YouTrack prior to 2020.4.4701, an attacker could enumerate users via the REST API without appropriate permissions.
Jetbrains Youtrack
NA
CVE-2023-35053
In JetBrains YouTrack prior to 2023.1.10518 a DoS attack was possible via Helpdesk forms
Jetbrains Youtrack
6.4
CVSSv2
CVE-2021-37549
In JetBrains YouTrack prior to 2021.1.11111, sandboxing in workflows was insufficient.
Jetbrains Youtrack
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
denial of service
CVE-2024-27371
CVE-2024-20405
CVE-2024-31627
CVE-2024-31625
race condition
CVE-2024-4358
cross-site scripting
CVE-2023-20938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »