Jetbrains: Security Vulnerabilities
In JetBrains TeamCity before 2021.1.3, the X-Frame-Options header is missing in some cases.
CVSS Score
9.8
EPSS Score
0.0
Published
2021-11-30
In JetBrains Hub before 2021.1.13690, information disclosure via avatar metadata is possible.
CVSS Score
7.5
EPSS Score
0.0
Published
2021-11-09
In JetBrains Hub before 2021.1.13690, stored XSS is possible.
CVSS Score
6.1
EPSS Score
0.0
Published
2021-11-09
In JetBrains Hub before 2021.1.13415, a DoS via user information is possible.
CVSS Score
7.5
EPSS Score
0.0
Published
2021-11-09
In JetBrains TeamCity before 2021.1.3, a newly created project could take settings from an already deleted project.
CVSS Score
5.3
EPSS Score
0.0
Published
2021-11-09
In JetBrains Ktor before 1.6.4, nonce verification during the OAuth2 authentication process is implemented improperly.
CVSS Score
7.5
EPSS Score
0.0
Published
2021-11-09
JetBrains YouTrack before 2021.3.24402 is vulnerable to stored XSS.
CVSS Score
5.4
EPSS Score
0.0
Published
2021-11-09
In JetBrains YouTrack Mobile before 2021.2, the client-side cache on iOS could contain sensitive information.
CVSS Score
5.3
EPSS Score
0.0
Published
2021-11-09
In JetBrains YouTrack Mobile before 2021.2, access token protection on iOS is incomplete.
CVSS Score
7.3
EPSS Score
0.0
Published
2021-11-09
In JetBrains YouTrack Mobile before 2021.2, access token protection on Android is incomplete.
CVSS Score
7.3
EPSS Score
0.0
Published
2021-11-09