Filter
-Infinity
0
JetBrains YouTrackJetBrains YouTrack before 2021.3.23639 is vulnerable to Host header injection.
9.8
First published (updated )
JetBrains YouTrackCertain actions could cause privilege escalation for issue attachments in JetBrains YouTrack. The is…
9.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
JetBrains YouTrackAn Insecure Direct Object Reference, with Authorization Bypass through a User-Controlled Key, was po…
9.8
First published (updated )
JetBrains YouTrackIn JetBrains YouTrack before 2021.1.11111, sandboxing in workflows was insufficient.
9.1
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
JetBrains YouTrackIn JetBrains YouTrack before 2020.1.1331, an external user could execute commands against arbitrary …
8.8
First published (updated )
JetBrains YouTrackIn JetBrains YouTrack before 2024.2.34646 user without appropriate permissions could enable the auto…
8.1
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
JetBrains YouTrackIn JetBrains YouTrack before 2024.3.47197 insecure plugin iframe allowed arbitrary JavaScript execut…
8.1
First published (updated )
JetBrains YouTrackIn JetBrains YouTrack before 2024.3.55417 account takeover was possible via spoofed email and Helpde…
7.8
EPSS
0.05%
First published (updated )
JetBrains YouTrackIn JetBrains YouTrack before 2024.1.29548 the SMTPS protocol communication lacked proper certificate…
7.5
EPSS
0.04%
First published (updated )
JetBrains YouTrackIn JetBrains YouTrack before 2024.2.34646 user access token was sent to the third-party site
7.5
First published (updated )
JetBrains YouTrackIn JetBrains YouTrack before 2024.3.47707 potential ReDoS exploit was possible via email header pars…
7.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
JetBrains YouTrackIn JetBrains YouTrack before 2020.3.6638, improper access control for some subresources leads to inf…
7.5
First published (updated )
JetBrains YouTrackIn JetBrains YouTrack before 2021.2.16363, time-unsafe comparisons were used.
7.5
First published (updated )
JetBrains YouTrackIn JetBrains YouTrack before 2020.6.8801, information disclosure in an issue preview was possible.
7.5
First published (updated )
JetBrains YouTrackIn JetBrains YouTrack before 2020.6.6600, access control during the exporting of issues was implemen…
7.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
JetBrains YouTrackIn JetBrains YouTrack before 2020.4.6808, the YouTrack administrator wasn't able to access attachmen…
7.5
First published (updated )
JetBrains YouTrackIn JetBrains YouTrack Mobile before 2021.2, access token protection on iOS is incomplete.
7.5
First published (updated )
JetBrains YouTrackIn JetBrains YouTrack Mobile before 2021.2, access token protection on Android is incomplete.
7.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.