Youtrack CVEs and Security Vulnerabilities

Filtered by vendor Jetbrains Subscriptions

Filtered by product Youtrack Subscriptions

Search

Switch to Advanced Search (Beta)

Total 92 CVE

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2021-25771	1 Jetbrains	1 Youtrack	2024-11-21	4.3 Medium
In JetBrains YouTrack before 2020.6.1099, project information could be potentially disclosed.
CVE-2021-25770	1 Jetbrains	1 Youtrack	2024-11-21	9.8 Critical
In JetBrains YouTrack before 2020.5.3123, server-side template injection (SSTI) was possible, which could lead to code execution.
CVE-2021-25769	1 Jetbrains	1 Youtrack	2024-11-21	7.5 High
In JetBrains YouTrack before 2020.4.6808, the YouTrack administrator wasn't able to access attachments.
CVE-2021-25768	1 Jetbrains	1 Youtrack	2024-11-21	5.3 Medium
In JetBrains YouTrack before 2020.4.4701, permissions for attachments actions were checked improperly.
CVE-2021-25767	1 Jetbrains	1 Youtrack	2024-11-21	5.3 Medium
In JetBrains YouTrack before 2020.6.1767, an issue's existence could be disclosed via YouTrack command execution.
CVE-2021-25766	1 Jetbrains	1 Youtrack	2024-11-21	5.3 Medium
In JetBrains YouTrack before 2020.4.4701, improper resource access checks were made.
CVE-2021-25765	1 Jetbrains	1 Youtrack	2024-11-21	8.8 High
In JetBrains YouTrack before 2020.4.4701, CSRF via attachment upload was possible.
CVE-2020-7913	1 Jetbrains	1 Youtrack	2024-11-21	6.1 Medium
JetBrains YouTrack 2019.2 before 2019.2.59309 was vulnerable to XSS via an issue description.
CVE-2020-7912	1 Jetbrains	1 Youtrack	2024-11-21	5.3 Medium
In JetBrains YouTrack before 2019.2.59309, SMTP/Jabber settings could be accessed using backups.
CVE-2020-27626	1 Jetbrains	1 Youtrack	2024-11-21	5.3 Medium
JetBrains YouTrack before 2020.3.5333 was vulnerable to SSRF.
CVE-2020-27625	1 Jetbrains	1 Youtrack	2024-11-21	5.3 Medium
In JetBrains YouTrack before 2020.3.888, notifications might have mentioned inaccessible issues.
CVE-2020-27624	1 Jetbrains	1 Youtrack	2024-11-21	5.3 Medium
JetBrains YouTrack before 2020.3.888 was vulnerable to SSRF.
CVE-2020-25210	1 Jetbrains	1 Youtrack	2024-11-21	5.3 Medium
In JetBrains YouTrack before 2020.3.7955, an attacker could access workflow rules without appropriate access grants.
CVE-2020-25209	1 Jetbrains	1 Youtrack	2024-11-21	7.5 High
In JetBrains YouTrack before 2020.3.6638, improper access control for some subresources leads to information disclosure via the REST API.
CVE-2020-25208	1 Jetbrains	1 Youtrack	2024-11-21	5.3 Medium
In JetBrains YouTrack before 2020.4.4701, an attacker could enumerate users via the REST API without appropriate permissions.
CVE-2020-24618	1 Jetbrains	1 Youtrack	2024-11-21	6.5 Medium
In JetBrains YouTrack versions before 2020.3.4313, 2020.2.11008, 2020.1.11011, 2019.1.65514, 2019.2.65515, and 2019.3.65516, an attacker can retrieve an issue description without appropriate access.
CVE-2020-24366	1 Jetbrains	1 Youtrack	2024-11-21	3.3 Low
Sensitive information could be disclosed in the JetBrains YouTrack application before 2020.2.0 for Android via application backups.
CVE-2020-15823	1 Jetbrains	1 Youtrack	2024-11-21	7.5 High
JetBrains YouTrack before 2020.2.8873 is vulnerable to SSRF in the Workflow component.
CVE-2020-15822	1 Jetbrains	1 Youtrack	2024-11-21	7.3 High
In JetBrains YouTrack before 2020.2.10514, SSRF is possible because URL filtering can be escaped.
CVE-2020-15821	1 Jetbrains	1 Youtrack	2024-11-21	6.5 Medium
In JetBrains YouTrack before 2020.2.6881, a user without permission is able to create an article draft.

« first previous Page 3 of 5. next last »