Jetbrains: >> Youtrack >> 2019.3 Security Vulnerabilities
In JetBrains YouTrack before 2025.3.104432 a race condition allowed bypass of helpdesk Agent limit
CVSS Score
2.7
EPSS Score
0.0
Published
2025-11-11
In JetBrains YouTrack before 2025.3.104432 missing TLS certificate validation enabled data disclosure
CVSS Score
8.1
EPSS Score
0.0
Published
2025-11-10
In JetBrains YouTrack before 2025.3.104432 missing user principal cleanup led to reuse of incorrect authorization context
CVSS Score
3.1
EPSS Score
0.0
Published
2025-11-10
In JetBrains YouTrack before 2025.3.104432 improper access control allowed modify MCP tool logic
CVSS Score
5.4
EPSS Score
0.0
Published
2025-11-10
In JetBrains YouTrack before 2025.3.104432 missing VCS URL validation allowed delegation to unauthorized repositories from the Junie widget
CVSS Score
7.4
EPSS Score
0.0
Published
2025-11-10
In JetBrains YouTrack before 2025.3.104432 misconfiguration in the Junie could lead to exposure of the global Junie token
CVSS Score
9.6
EPSS Score
0.0
Published
2025-11-10
In JetBrains YouTrack before 2025.3.104432 insecure Junie configuration could lead to data exposure and unauthorized changes
CVSS Score
5.4
EPSS Score
0.0
Published
2025-11-10
In JetBrains YouTrack before 2025.3.104432 information disclosure was possible via the feedback form
CVSS Score
4.3
EPSS Score
0.0
Published
2025-11-10
In JetBrains YouTrack before 2025.2.92387 stored XSS was possible via Mermaid diagram content
CVSS Score
8.7
EPSS Score
0.001
Published
2025-08-20
In JetBrains YouTrack before 2025.2.86069,
2024.3.85077,
2025.1.86199 email spoofing via an administrative API was possible
CVSS Score
7.6
EPSS Score
0.0
Published
2025-07-15
Page 1