Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
jetbrains youtrack vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2024-22370
In JetBrains YouTrack prior to 2023.3.22666 stored XSS via markdown was possible
Jetbrains Youtrack
4.3
CVSSv3
CVE-2022-24343
In JetBrains YouTrack prior to 2021.4.31698, a custom logo could be set by a user who has read-only permissions.
Jetbrains Youtrack
5.4
CVSSv3
CVE-2022-24344
JetBrains YouTrack prior to 2021.4.31698 was vulnerable to stored XSS on the Notification templates page.
Jetbrains Youtrack
5.4
CVSSv3
CVE-2022-24347
JetBrains YouTrack prior to 2021.4.36872 was vulnerable to stored XSS via a project icon.
Jetbrains Youtrack
9.8
CVSSv3
CVE-2022-24442
JetBrains YouTrack prior to 2021.4.40426 was vulnerable to SSTI (Server-Side Template Injection) via FreeMarker templates.
Jetbrains Youtrack
1 Github repository
5.4
CVSSv3
CVE-2022-28648
In JetBrains YouTrack prior to 2022.1.43563 HTML code from the issue description was being rendered
Jetbrains Youtrack
5.4
CVSSv3
CVE-2022-28649
In JetBrains YouTrack prior to 2022.1.43563 it was possible to include an iframe from a third-party domain in the issue description
Jetbrains Youtrack
5.4
CVSSv3
CVE-2022-28650
In JetBrains YouTrack prior to 2022.1.43700 it was possible to inject JavaScript into Markdown in the YouTrack Classic UI
Jetbrains Youtrack
4.3
CVSSv3
CVE-2021-37554
In JetBrains YouTrack prior to 2021.3.21051, a user could see boards without having corresponding permissions.
Jetbrains Youtrack
6.5
CVSSv3
CVE-2020-24618
In JetBrains YouTrack versions prior to 2020.3.4313, 2020.2.11008, 2020.1.11011, 2019.1.65514, 2019.2.65515, and 2019.3.65516, an attacker can retrieve an issue description without appropriate access.
Jetbrains Youtrack
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5324
path traversal
CVE-2024-4743
CVE-2024-5184
TCP
CVE-2024-27822
code injection
CVE-2024-28995
CVE-2023-20938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »