Jetbrains: >> Hub >> 2021.1.13690 Security Vulnerabilities
In JetBrains Hub before 2022.2.14799, insufficient access control allowed the hijacking of untrusted services
CVSS Score
3.5
EPSS Score
0.0
Published
2022-07-01
In JetBrains Hub before 2022.1.14638 stored XSS via project icon was possible.
CVSS Score
6.1
EPSS Score
0.0
Published
2022-04-28
JetBrains Hub before 2021.1.14276 was vulnerable to reflected XSS.
CVSS Score
6.1
EPSS Score
0.0
Published
2022-02-25
JetBrains Hub before 2021.1.14276 was vulnerable to blind Server-Side Request Forgery (SSRF).
CVSS Score
9.1
EPSS Score
0.001
Published
2022-02-25
In JetBrains Hub before 2022.1.14434, SAML request takeover was possible.
CVSS Score
9.8
EPSS Score
0.0
Published
2022-02-25
In JetBrains Hub before 2021.1.13890, integration with JetBrains Account exposed an API key with excessive permissions.
CVSS Score
7.5
EPSS Score
0.0
Published
2022-02-25
In JetBrains Hub before 2021.1.13956, an unprivileged user could perform DoS.
CVSS Score
6.5
EPSS Score
0.0
Published
2022-02-25
Page 2