JetBrains ≫ YouTrack

97 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.

6.1

CVE-2024-50575

In JetBrains YouTrack before 2024.3.47707 reflected XSS was possible in Widget API

7.5

In JetBrains YouTrack before 2024.3.47707 potential ReDoS exploit was possible via email header parsing in Helpdesk functionality

6.1

In JetBrains YouTrack before 2024.3.47197 insecure plugin iframe allowed arbitrary JavaScript execution and unauthorized API requests

5.4

In JetBrains YouTrack before 2024.3.46677 improper access control allowed users with project update permission to delete applications via API

5.3

In JetBrains YouTrack before 2024.3.44799 token could be revealed on Imports page

5.3

In JetBrains YouTrack before 2024.3.44799 access to global app config data without appropriate permissions was possible

4.3

In JetBrains YouTrack before 2024.3.44799 user without appropriate permissions could restore workflows attached to a project

8.1

In JetBrains YouTrack before 2024.2.34646 user without appropriate permissions could enable the auto-attach option for workflows

7.5

In JetBrains YouTrack before 2024.2.34646 user access token was sent to the third-party site

5.3

In JetBrains YouTrack before 2024.2.34646 the Guest User Account was enabled for attaching files to articles