Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
youtrack vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2023-35054
In JetBrains YouTrack prior to 2023.1.10518 stored XSS in a Markdown-rendering engine was possible
Jetbrains Youtrack
5.4
CVSSv3
CVE-2022-28648
In JetBrains YouTrack prior to 2022.1.43563 HTML code from the issue description was being rendered
Jetbrains Youtrack
5.4
CVSSv3
CVE-2022-28649
In JetBrains YouTrack prior to 2022.1.43563 it was possible to include an iframe from a third-party domain in the issue description
Jetbrains Youtrack
5.4
CVSSv3
CVE-2022-28650
In JetBrains YouTrack prior to 2022.1.43700 it was possible to inject JavaScript into Markdown in the YouTrack Classic UI
Jetbrains Youtrack
5.3
CVSSv3
CVE-2020-15818
In JetBrains YouTrack prior to 2020.2.8527, the subtasks workflow could disclose issue existence.
Jetbrains Youtrack
5.3
CVSSv3
CVE-2020-15820
In JetBrains YouTrack prior to 2020.2.6881, the markdown parser could disclose hidden file existence.
Jetbrains Youtrack
7.5
CVSSv3
CVE-2020-15823
JetBrains YouTrack prior to 2020.2.8873 is vulnerable to SSRF in the Workflow component.
Jetbrains Youtrack
5.3
CVSSv3
CVE-2020-15819
JetBrains YouTrack prior to 2020.2.10643 was vulnerable to SSRF that allowed scanning internal ports.
Jetbrains Youtrack
6.5
CVSSv3
CVE-2020-15821
In JetBrains YouTrack prior to 2020.2.6881, a user without permission is able to create an article draft.
Jetbrains Youtrack
3.3
CVSSv3
CVE-2020-24366
Sensitive information could be disclosed in the JetBrains YouTrack application prior to 2020.2.0 for Android via application backups.
Jetbrains Youtrack
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4040
privilege escalation
CVE-2024-4112
CVE-2024-32872
man-in-the-middle
CVE-2024-32788
bypass
CVE-2024-3400
CVE-2024-28976
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »