Jetbrains: Security Vulnerabilities
In JetBrains IntelliJ IDEA before 2022.1 reflected XSS via error messages in internal web server was possible
CVSS Score
3.9
EPSS Score
0.0
Published
2022-04-28
In JetBrains IntelliJ IDEA before 2022.1 origin checks in the internal web server were flawed
CVSS Score
3.9
EPSS Score
0.0
Published
2022-04-28
In JetBrains IntelliJ IDEA before 2022.1 local code execution via links in Quick Documentation was possible
CVSS Score
6.9
EPSS Score
0.0
Published
2022-04-28
In JetBrains PyCharm before 2022.1 exposure of the debugger port to the internal network was possible
CVSS Score
3.0
EPSS Score
0.0
Published
2022-04-28
In JetBrains Rider before 2022.1 local code execution via links in ReSharper Quick Documentation was possible
CVSS Score
6.9
EPSS Score
0.0
Published
2022-04-28
In JetBrains Hub before 2022.1.14638 stored XSS via project icon was possible.
CVSS Score
6.1
EPSS Score
0.0
Published
2022-04-28
In JetBrains Ktor Native before version 2.0.0 random values used for nonce generation weren't using SecureRandom implementations
CVSS Score
3.3
EPSS Score
0.0
Published
2022-04-11
In JetBrains YouTrack before 2022.1.43563 it was possible to include an iframe from a third-party domain in the issue description
CVSS Score
4.6
EPSS Score
0.0
Published
2022-04-05
In JetBrains YouTrack before 2022.1.43700 it was possible to inject JavaScript into Markdown in the YouTrack Classic UI
CVSS Score
7.3
EPSS Score
0.0
Published
2022-04-05
In JetBrains IntelliJ IDEA before 2021.3.3 it was possible to get passwords from protected fields
CVSS Score
8.4
EPSS Score
0.0
Published
2022-04-05