By Risk Score
By Publish Date
By Recent Activity
youtrack vulnerabilities and exploits
(subscribe to this query)
JetBrains YouTrack before 2020.3.5333 was vulnerable to SSRF....
In JetBrains YouTrack Confluence plugin versions before 188.8.131.52, it was possible to achieve Server Side Template Injection. The attacker could add an Issue macro to the page in Confluence, and use a combination of a valid id field and specially crafted code in the...
In JetBrains YouTrack before 2020.3.7955, an attacker could access workflow rules without appropriate access grants....
In JetBrains YouTrack before 2020.3.888, notifications might have mentioned inaccessible issues....
In JetBrains YouTrack before 2020.3.6638, improper access control for some subresources leads to information disclosure via the REST API....
JetBrains YouTrack before 2020.3.888 was vulnerable to SSRF....
JetBrains YouTrack versions before 2019.2.53938 had a possible XSS through issue attachments when using the Firefox browser....
Sensitive information could be disclosed in the JetBrains YouTrack application before 2020.2.0 for Android via application backups....
JetBrains YouTrack before 2020.1.659 was vulnerable to DoS that could be caused by attaching a malformed TIFF file to an issue....
In JetBrains YouTrack before 2020.2.6881, a user without permission is able to create an article draft....
1 Github repository available