Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
youtrack vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2021-25767
In JetBrains YouTrack prior to 2020.6.1767, an issue's existence could be disclosed via YouTrack command execution.
Jetbrains Youtrack
7.5
CVSSv2
CVE-2021-25770
In JetBrains YouTrack prior to 2020.5.3123, server-side template injection (SSTI) was possible, which could lead to code execution.
Jetbrains Youtrack
2 Github repositories
5.8
CVSSv2
CVE-2019-15041
JetBrains YouTrack versions prior to 2019.1.52545 allowed unbounded URL whitelisting because of Inclusion of Functionality from an Untrusted Control Sphere.
Jetbrains Youtrack
4
CVSSv2
CVE-2022-24343
In JetBrains YouTrack prior to 2021.4.31698, a custom logo could be set by a user who has read-only permissions.
Jetbrains Youtrack
5
CVSSv2
CVE-2020-7912
In JetBrains YouTrack prior to 2019.2.59309, SMTP/Jabber settings could be accessed using backups.
Jetbrains Youtrack
5
CVSSv2
CVE-2019-18369
In JetBrains YouTrack prior to 2019.2.55152, removing tags from the issues list without the corresponding permission was possible.
Jetbrains Youtrack
3.5
CVSSv2
CVE-2022-28648
In JetBrains YouTrack prior to 2022.1.43563 HTML code from the issue description was being rendered
Jetbrains Youtrack
3.5
CVSSv2
CVE-2022-28649
In JetBrains YouTrack prior to 2022.1.43563 it was possible to include an iframe from a third-party domain in the issue description
Jetbrains Youtrack
3.5
CVSSv2
CVE-2022-28650
In JetBrains YouTrack prior to 2022.1.43700 it was possible to inject JavaScript into Markdown in the YouTrack Classic UI
Jetbrains Youtrack
5
CVSSv2
CVE-2020-25209
In JetBrains YouTrack prior to 2020.3.6638, improper access control for some subresources leads to information disclosure via the REST API.
Jetbrains Youtrack
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
path traversal
CVE-2024-26978
CVE-2024-26982
wireless
CVE-2023-6949
CVE-2024-26980
CVE-2024-32766
CVE-2024-26939
cache poisoning
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »