Jetbrains - Youtrack CVE

Filtered by vendor Jetbrains Subscriptions

Filtered by product Youtrack Subscriptions

Total 63 CVE

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2021-25765	1 Jetbrains	1 Youtrack	2021-02-04	8.8 High
In JetBrains YouTrack before 2020.4.4701, CSRF via attachment upload was possible.
CVE-2020-27625	1 Jetbrains	1 Youtrack	2020-11-21	5.3 Medium
In JetBrains YouTrack before 2020.3.888, notifications might have mentioned inaccessible issues.
CVE-2020-27624	1 Jetbrains	1 Youtrack	2020-11-21	5.3 Medium
JetBrains YouTrack before 2020.3.888 was vulnerable to SSRF.
CVE-2020-27626	1 Jetbrains	1 Youtrack	2020-11-21	5.3 Medium
JetBrains YouTrack before 2020.3.5333 was vulnerable to SSRF.
CVE-2020-15822	1 Jetbrains	1 Youtrack	2020-10-22	7.3 High
In JetBrains YouTrack before 2020.2.10514, SSRF is possible because URL filtering can be escaped.
CVE-2019-12867	1 Jetbrains	1 Youtrack	2020-08-24	N/A
Certain actions could cause privilege escalation for issue attachments in JetBrains YouTrack. The issue was fixed in 2018.4.49168.
CVE-2019-12866	1 Jetbrains	1 Youtrack	2020-08-24	N/A
An Insecure Direct Object Reference, with Authorization Bypass through a User-Controlled Key, was possible in JetBrains YouTrack. The issue was fixed in 2018.4.49168.
CVE-2020-15823	1 Jetbrains	1 Youtrack	2020-08-10	7.5 High
JetBrains YouTrack before 2020.2.8873 is vulnerable to SSRF in the Workflow component.
CVE-2020-15819	1 Jetbrains	1 Youtrack	2020-08-10	5.3 Medium
JetBrains YouTrack before 2020.2.10643 was vulnerable to SSRF that allowed scanning internal ports.
CVE-2020-15821	1 Jetbrains	1 Youtrack	2020-08-10	6.5 Medium
In JetBrains YouTrack before 2020.2.6881, a user without permission is able to create an article draft.
CVE-2020-11692	1 Jetbrains	1 Youtrack	2020-04-27	2.7 Low
In JetBrains YouTrack before 2020.1.659, DB export was accessible to read-only administrators.
CVE-2020-7912	1 Jetbrains	1 Youtrack	2020-02-01	5.3 Medium
In JetBrains YouTrack before 2019.2.59309, SMTP/Jabber settings could be accessed using backups.
CVE-2020-7913	1 Jetbrains	1 Youtrack	2020-01-31	6.1 Medium
JetBrains YouTrack 2019.2 before 2019.2.59309 was vulnerable to XSS via an issue description.
CVE-2019-18369	1 Jetbrains	1 Youtrack	2019-11-01	5.3 Medium
In JetBrains YouTrack before 2019.2.55152, removing tags from the issues list without the corresponding permission was possible.
CVE-2019-15041	1 Jetbrains	1 Youtrack	2019-10-08	6.1 Medium
JetBrains YouTrack versions before 2019.1.52545 allowed unbounded URL whitelisting because of Inclusion of Functionality from an Untrusted Control Sphere.
CVE-2019-14956	1 Jetbrains	1 Youtrack	2019-10-03	4.3 Medium
JetBrains YouTrack before 2019.2.53938 was using incorrect settings, allowing a user without necessary permissions to get other project names.
CVE-2019-16171	1 Jetbrains	1 Youtrack	2019-10-03	6.1 Medium
In JetBrains YouTrack through 2019.2.56594, stored XSS was found on the issue page.
CVE-2019-15040	1 Jetbrains	1 Youtrack	2019-10-03	8.8 High
JetBrains YouTrack versions before 2019.1 had a CSRF vulnerability on the settings page.
CVE-2019-14952	1 Jetbrains	1 Youtrack	2019-10-02	6.1 Medium
JetBrains YouTrack versions before 2019.1.52584 had a possible XSS in the issue titles.
CVE-2019-14953	2 Jetbrains, Mozilla	2 Youtrack, Firefox	2019-10-02	6.1 Medium
JetBrains YouTrack versions before 2019.2.53938 had a possible XSS through issue attachments when using the Firefox browser.

« first previous Page 3 of 4. next last »