Youtrack CVEs and Security Vulnerabilities

Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (104 CVEs found)

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2020-27626	1 Jetbrains	1 Youtrack	2024-11-21	5.3 Medium
JetBrains YouTrack before 2020.3.5333 was vulnerable to SSRF.
CVE-2020-27625	1 Jetbrains	1 Youtrack	2024-11-21	5.3 Medium
In JetBrains YouTrack before 2020.3.888, notifications might have mentioned inaccessible issues.
CVE-2020-27624	1 Jetbrains	1 Youtrack	2024-11-21	5.3 Medium
JetBrains YouTrack before 2020.3.888 was vulnerable to SSRF.
CVE-2020-25210	1 Jetbrains	1 Youtrack	2024-11-21	5.3 Medium
In JetBrains YouTrack before 2020.3.7955, an attacker could access workflow rules without appropriate access grants.
CVE-2020-25209	1 Jetbrains	1 Youtrack	2024-11-21	7.5 High
In JetBrains YouTrack before 2020.3.6638, improper access control for some subresources leads to information disclosure via the REST API.
CVE-2020-25208	1 Jetbrains	1 Youtrack	2024-11-21	5.3 Medium
In JetBrains YouTrack before 2020.4.4701, an attacker could enumerate users via the REST API without appropriate permissions.
CVE-2020-24618	1 Jetbrains	1 Youtrack	2024-11-21	6.5 Medium
In JetBrains YouTrack versions before 2020.3.4313, 2020.2.11008, 2020.1.11011, 2019.1.65514, 2019.2.65515, and 2019.3.65516, an attacker can retrieve an issue description without appropriate access.
CVE-2020-24366	1 Jetbrains	1 Youtrack	2024-11-21	3.3 Low
Sensitive information could be disclosed in the JetBrains YouTrack application before 2020.2.0 for Android via application backups.
CVE-2020-15823	1 Jetbrains	1 Youtrack	2024-11-21	7.5 High
JetBrains YouTrack before 2020.2.8873 is vulnerable to SSRF in the Workflow component.
CVE-2020-15822	1 Jetbrains	1 Youtrack	2024-11-21	7.3 High
In JetBrains YouTrack before 2020.2.10514, SSRF is possible because URL filtering can be escaped.
CVE-2020-15821	1 Jetbrains	1 Youtrack	2024-11-21	6.5 Medium
In JetBrains YouTrack before 2020.2.6881, a user without permission is able to create an article draft.
CVE-2020-15820	1 Jetbrains	1 Youtrack	2024-11-21	5.3 Medium
In JetBrains YouTrack before 2020.2.6881, the markdown parser could disclose hidden file existence.
CVE-2020-15819	1 Jetbrains	1 Youtrack	2024-11-21	5.3 Medium
JetBrains YouTrack before 2020.2.10643 was vulnerable to SSRF that allowed scanning internal ports.
CVE-2020-15818	1 Jetbrains	1 Youtrack	2024-11-21	5.3 Medium
In JetBrains YouTrack before 2020.2.8527, the subtasks workflow could disclose issue existence.
CVE-2020-15817	1 Jetbrains	1 Youtrack	2024-11-21	8.8 High
In JetBrains YouTrack before 2020.1.1331, an external user could execute commands against arbitrary issues.
CVE-2020-11693	1 Jetbrains	1 Youtrack	2024-11-21	7.5 High
JetBrains YouTrack before 2020.1.659 was vulnerable to DoS that could be caused by attaching a malformed TIFF file to an issue.
CVE-2020-11692	1 Jetbrains	1 Youtrack	2024-11-21	2.7 Low
In JetBrains YouTrack before 2020.1.659, DB export was accessible to read-only administrators.
CVE-2019-18369	1 Jetbrains	1 Youtrack	2024-11-21	5.3 Medium
In JetBrains YouTrack before 2019.2.55152, removing tags from the issues list without the corresponding permission was possible.
CVE-2019-16171	1 Jetbrains	1 Youtrack	2024-11-21	6.1 Medium
In JetBrains YouTrack through 2019.2.56594, stored XSS was found on the issue page.
CVE-2019-15041	1 Jetbrains	1 Youtrack	2024-11-21	6.1 Medium
JetBrains YouTrack versions before 2019.1.52545 allowed unbounded URL whitelisting because of Inclusion of Functionality from an Untrusted Control Sphere.

« first previous Page 4 of 6. next last »