Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
youtrack vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2021-25770
In JetBrains YouTrack prior to 2020.5.3123, server-side template injection (SSTI) was possible, which could lead to code execution.
Jetbrains Youtrack
2 Github repositories
4.3
CVSSv3
CVE-2021-25771
In JetBrains YouTrack prior to 2020.6.1099, project information could be potentially disclosed.
Jetbrains Youtrack
7.5
CVSSv3
CVE-2021-37550
In JetBrains YouTrack prior to 2021.2.16363, time-unsafe comparisons were used.
Jetbrains Youtrack
5.4
CVSSv3
CVE-2021-37552
In JetBrains YouTrack prior to 2021.2.17925, stored XSS was possible.
Jetbrains Youtrack
5.4
CVSSv3
CVE-2024-22370
In JetBrains YouTrack prior to 2023.3.22666 stored XSS via markdown was possible
Jetbrains Youtrack
7.5
CVSSv3
CVE-2021-31905
In JetBrains YouTrack prior to 2020.6.8801, information disclosure in an issue preview was possible.
Jetbrains Youtrack
7.5
CVSSv3
CVE-2023-35053
In JetBrains YouTrack prior to 2023.1.10518 a DoS attack was possible via Helpdesk forms
Jetbrains Youtrack
5.4
CVSSv3
CVE-2023-35054
In JetBrains YouTrack prior to 2023.1.10518 stored XSS in a Markdown-rendering engine was possible
Jetbrains Youtrack
4.3
CVSSv3
CVE-2023-50871
In JetBrains YouTrack prior to 2023.3.22268 authorization check for inline comments inside thread replies was missed
Jetbrains Youtrack
5.4
CVSSv3
CVE-2022-28648
In JetBrains YouTrack prior to 2022.1.43563 HTML code from the issue description was being rendered
Jetbrains Youtrack
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
deserialization
CVE-2024-4040
cross-site scripting
CVE-2023-25790
CVE-2024-2961
XML external entity
CVE-2024-26926
CVE-2024-32806
CVE-2024-32711
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »