Youtrack CVEs and Security Vulnerabilities

Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (104 CVEs found)

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2021-43184	1 Jetbrains	1 Youtrack	2024-11-21	5.4 Medium
In JetBrains YouTrack before 2021.3.21051, stored XSS is possible.
CVE-2021-37554	1 Jetbrains	1 Youtrack	2024-11-21	4.3 Medium
In JetBrains YouTrack before 2021.3.21051, a user could see boards without having corresponding permissions.
CVE-2021-37553	1 Jetbrains	1 Youtrack	2024-11-21	7.5 High
In JetBrains YouTrack before 2021.2.16363, an insecure PRNG was used.
CVE-2021-37552	1 Jetbrains	1 Youtrack	2024-11-21	5.4 Medium
In JetBrains YouTrack before 2021.2.17925, stored XSS was possible.
CVE-2021-37551	1 Jetbrains	1 Youtrack	2024-11-21	5.3 Medium
In JetBrains YouTrack before 2021.2.16363, system user passwords were hashed with SHA-256.
CVE-2021-37550	1 Jetbrains	1 Youtrack	2024-11-21	7.5 High
In JetBrains YouTrack before 2021.2.16363, time-unsafe comparisons were used.
CVE-2021-37549	1 Jetbrains	1 Youtrack	2024-11-21	9.1 Critical
In JetBrains YouTrack before 2021.1.11111, sandboxing in workflows was insufficient.
CVE-2021-31905	1 Jetbrains	1 Youtrack	2024-11-21	7.5 High
In JetBrains YouTrack before 2020.6.8801, information disclosure in an issue preview was possible.
CVE-2021-31903	1 Jetbrains	1 Youtrack	2024-11-21	6.1 Medium
In JetBrains YouTrack before 2021.1.9819, a pull request's title was sanitized insufficiently, leading to XSS.
CVE-2021-31902	1 Jetbrains	1 Youtrack	2024-11-21	7.5 High
In JetBrains YouTrack before 2020.6.6600, access control during the exporting of issues was implemented improperly.
CVE-2021-27733	1 Jetbrains	1 Youtrack	2024-11-21	5.4 Medium
In JetBrains YouTrack before 2020.6.6441, stored XSS was possible via an issue attachment.
CVE-2021-25771	1 Jetbrains	1 Youtrack	2024-11-21	4.3 Medium
In JetBrains YouTrack before 2020.6.1099, project information could be potentially disclosed.
CVE-2021-25770	1 Jetbrains	1 Youtrack	2024-11-21	9.8 Critical
In JetBrains YouTrack before 2020.5.3123, server-side template injection (SSTI) was possible, which could lead to code execution.
CVE-2021-25769	1 Jetbrains	1 Youtrack	2024-11-21	7.5 High
In JetBrains YouTrack before 2020.4.6808, the YouTrack administrator wasn't able to access attachments.
CVE-2021-25768	1 Jetbrains	1 Youtrack	2024-11-21	5.3 Medium
In JetBrains YouTrack before 2020.4.4701, permissions for attachments actions were checked improperly.
CVE-2021-25767	1 Jetbrains	1 Youtrack	2024-11-21	5.3 Medium
In JetBrains YouTrack before 2020.6.1767, an issue's existence could be disclosed via YouTrack command execution.
CVE-2021-25766	1 Jetbrains	1 Youtrack	2024-11-21	5.3 Medium
In JetBrains YouTrack before 2020.4.4701, improper resource access checks were made.
CVE-2021-25765	1 Jetbrains	1 Youtrack	2024-11-21	8.8 High
In JetBrains YouTrack before 2020.4.4701, CSRF via attachment upload was possible.
CVE-2020-7913	1 Jetbrains	1 Youtrack	2024-11-21	6.1 Medium
JetBrains YouTrack 2019.2 before 2019.2.59309 was vulnerable to XSS via an issue description.
CVE-2020-7912	1 Jetbrains	1 Youtrack	2024-11-21	5.3 Medium
In JetBrains YouTrack before 2019.2.59309, SMTP/Jabber settings could be accessed using backups.

« first previous Page 3 of 6. next last »