Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
youtrack vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2021-43186
JetBrains YouTrack prior to 2021.3.24402 is vulnerable to stored XSS.
Jetbrains Youtrack
7.5
CVSSv3
CVE-2021-31905
In JetBrains YouTrack prior to 2020.6.8801, information disclosure in an issue preview was possible.
Jetbrains Youtrack
9.8
CVSSv3
CVE-2022-24442
JetBrains YouTrack prior to 2021.4.40426 was vulnerable to SSTI (Server-Side Template Injection) via FreeMarker templates.
Jetbrains Youtrack
1 Github repository
5.4
CVSSv3
CVE-2021-37552
In JetBrains YouTrack prior to 2021.2.17925, stored XSS was possible.
Jetbrains Youtrack
7.5
CVSSv3
CVE-2021-37553
In JetBrains YouTrack prior to 2021.2.16363, an insecure PRNG was used.
Jetbrains Youtrack
5.3
CVSSv3
CVE-2020-7912
In JetBrains YouTrack prior to 2019.2.59309, SMTP/Jabber settings could be accessed using backups.
Jetbrains Youtrack
6.1
CVSSv3
CVE-2020-7913
JetBrains YouTrack 2019.2 prior to 2019.2.59309 was vulnerable to XSS via an issue description.
Jetbrains Youtrack
9.8
CVSSv3
CVE-2019-12850
A query injection was possible in JetBrains YouTrack. The issue was fixed in YouTrack 2018.4.49168.
Jetbrains Youtrack
9.8
CVSSv3
CVE-2019-12852
An SSRF attack was possible on a JetBrains YouTrack server. The issue (1 of 2) was fixed in JetBrains YouTrack 2018.4.49168.
Jetbrains Youtrack
9.8
CVSSv3
CVE-2019-12866
An Insecure Direct Object Reference, with Authorization Bypass through a User-Controlled Key, was possible in JetBrains YouTrack. The issue was fixed in 2018.4.49168.
Jetbrains Youtrack
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-3675
CVE-2024-3400
CVE-2024-23557
mass assignment
CVE-2023-1389
local file inclusion
CVE-2024-32596
file upload
CVE-2024-32593
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »