Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
youtrack vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2019-10100
In JetBrains YouTrack Confluence plugin versions prior to 1.8.1.3, it was possible to achieve Server Side Template Injection. The attacker could add an Issue macro to the page in Confluence, and use a combination of a valid id field and specially crafted code in the link-text-tem...
Jetbrains Youtrack Integration
8.8
CVSSv3
CVE-2019-10287
Jenkins youtrack-plugin Plugin 0.7.1 and older stored credentials unencrypted in its global configuration file on the Jenkins master where they could be viewed by users with access to the master file system.
Jenkins Youtrack-plugin
5.3
CVSSv3
CVE-2021-43190
In JetBrains YouTrack Mobile prior to 2021.2, task hijacking on Android is possible.
Jetbrains Youtrack Mobile
5.3
CVSSv3
CVE-2021-43192
In JetBrains YouTrack Mobile prior to 2021.2, iOS URL scheme hijacking is possible.
Jetbrains Youtrack Mobile
7.3
CVSSv3
CVE-2021-43188
In JetBrains YouTrack Mobile prior to 2021.2, access token protection on iOS is incomplete.
Jetbrains Youtrack Mobile
5.4
CVSSv3
CVE-2021-27733
In JetBrains YouTrack prior to 2020.6.6441, stored XSS was possible via an issue attachment.
7.3
CVSSv3
CVE-2021-43189
In JetBrains YouTrack Mobile prior to 2021.2, access token protection on Android is incomplete.
Jetbrains Youtrack Mobile
NA
CVE-2024-28229
In JetBrains YouTrack prior to 2024.1.25893 user without appropriate permissions could restore issues and articles
5.3
CVSSv3
CVE-2021-43191
JetBrains YouTrack Mobile prior to 2021.2, is missing the security screen on Android and iOS.
Jetbrains Youtrack Mobile
7.5
CVSSv3
CVE-2021-31902
In JetBrains YouTrack prior to 2020.6.6600, access control during the exporting of issues was implemented improperly.
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48700
CVE-2022-48689
CVE-2024-27956
CVE-2023-6363
SQL
NULL pointer dereference
CVE-2023-41830
CVE-2015-2051
arbitrary
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
NEXT »