JetBrains ≫ YouTrack

97 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.

5.3

CVE-2021-25767

In JetBrains YouTrack before 2020.6.1767, an issue's existence could be disclosed via YouTrack command execution.

5.3

In JetBrains YouTrack before 2020.4.4701, permissions for attachments actions were checked improperly.

7.5

In JetBrains YouTrack before 2020.4.6808, the YouTrack administrator wasn't able to access attachments.

9.8

In JetBrains YouTrack before 2020.5.3123, server-side template injection (SSTI) was possible, which could lead to code execution.

5.3

In JetBrains YouTrack before 2020.4.4701, improper resource access checks were made.

8.8

In JetBrains YouTrack before 2020.4.4701, CSRF via attachment upload was possible.

5.3

In JetBrains YouTrack before 2020.4.4701, an attacker could enumerate users via the REST API without appropriate permissions.

5.3

JetBrains YouTrack before 2020.3.5333 was vulnerable to SSRF.

5.3

In JetBrains YouTrack before 2020.3.888, notifications might have mentioned inaccessible issues.

5.3

JetBrains YouTrack before 2020.3.888 was vulnerable to SSRF.