CVE-2021-37553
- EPSS 0%
- Published 06.08.2021 14:15:08
- Last modified 21.11.2024 06:15:23
In JetBrains YouTrack before 2021.2.16363, an insecure PRNG was used.
CVE-2021-37552
- EPSS 0.01%
- Published 06.08.2021 14:15:08
- Last modified 21.11.2024 06:15:23
In JetBrains YouTrack before 2021.2.17925, stored XSS was possible.
CVE-2021-37551
- EPSS 0%
- Published 06.08.2021 14:15:08
- Last modified 21.11.2024 06:15:23
In JetBrains YouTrack before 2021.2.16363, system user passwords were hashed with SHA-256.
CVE-2021-37550
- EPSS 0%
- Published 06.08.2021 14:15:08
- Last modified 21.11.2024 06:15:23
In JetBrains YouTrack before 2021.2.16363, time-unsafe comparisons were used.
CVE-2021-37549
- EPSS 0%
- Published 06.08.2021 14:15:08
- Last modified 21.11.2024 06:15:23
In JetBrains YouTrack before 2021.1.11111, sandboxing in workflows was insufficient.
CVE-2021-31905
- EPSS 0%
- Published 11.05.2021 12:15:07
- Last modified 21.11.2024 06:06:28
In JetBrains YouTrack before 2020.6.8801, information disclosure in an issue preview was possible.
CVE-2021-31903
- EPSS 0.01%
- Published 11.05.2021 12:15:07
- Last modified 21.11.2024 06:06:28
In JetBrains YouTrack before 2021.1.9819, a pull request's title was sanitized insufficiently, leading to XSS.
CVE-2021-31902
- EPSS 0%
- Published 11.05.2021 12:15:07
- Last modified 21.11.2024 06:06:28
In JetBrains YouTrack before 2020.6.6600, access control during the exporting of issues was implemented improperly.
CVE-2021-27733
- EPSS 0.01%
- Published 11.05.2021 12:15:07
- Last modified 21.11.2024 05:58:28
In JetBrains YouTrack before 2020.6.6441, stored XSS was possible via an issue attachment.
- EPSS 0.01%
- Published 03.02.2021 16:15:15
- Last modified 21.11.2024 05:55:24
In JetBrains YouTrack before 2020.6.1099, project information could be potentially disclosed.