Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
youtrack vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2021-25770
In JetBrains YouTrack prior to 2020.5.3123, server-side template injection (SSTI) was possible, which could lead to code execution.
Jetbrains Youtrack
2 Github repositories
4.3
CVSSv2
CVE-2019-14953
JetBrains YouTrack versions prior to 2019.2.53938 had a possible XSS through issue attachments when using the Firefox browser.
Jetbrains Youtrack
4
CVSSv2
CVE-2019-14956
JetBrains YouTrack prior to 2019.2.53938 was using incorrect settings, allowing a user without necessary permissions to get other project names.
Jetbrains Youtrack
4
CVSSv2
CVE-2020-11692
In JetBrains YouTrack prior to 2020.1.659, DB export was accessible to read-only administrators.
Jetbrains Youtrack
5
CVSSv2
CVE-2021-25769
In JetBrains YouTrack prior to 2020.4.6808, the YouTrack administrator wasn't able to access attachments.
Jetbrains Youtrack
3.5
CVSSv2
CVE-2022-28648
In JetBrains YouTrack prior to 2022.1.43563 HTML code from the issue description was being rendered
Jetbrains Youtrack
3.5
CVSSv2
CVE-2022-28649
In JetBrains YouTrack prior to 2022.1.43563 it was possible to include an iframe from a third-party domain in the issue description
Jetbrains Youtrack
3.5
CVSSv2
CVE-2022-28650
In JetBrains YouTrack prior to 2022.1.43700 it was possible to inject JavaScript into Markdown in the YouTrack Classic UI
Jetbrains Youtrack
5
CVSSv2
CVE-2020-25208
In JetBrains YouTrack prior to 2020.4.4701, an attacker could enumerate users via the REST API without appropriate permissions.
Jetbrains Youtrack
5
CVSSv2
CVE-2020-25210
In JetBrains YouTrack prior to 2020.3.7955, an attacker could access workflow rules without appropriate access grants.
Jetbrains Youtrack
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-21111
CVE-2024-32884
IDOR
CVE-2023-1000
CVE-2024-33260
CVE-2024-3682
reflected XSS
race condition
CVE-2024-3400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »