Jetbrains: >> Youtrack >> 2.2.1 Security Vulnerabilities
In JetBrains YouTrack before 2024.3.44799 token could be revealed on Imports page
CVSS Score
4.1
EPSS Score
0.0
Published
2024-09-19
In JetBrains YouTrack before 2024.3.44799 user without appropriate permissions could restore workflows attached to a project
CVSS Score
4.3
EPSS Score
0.0
Published
2024-09-19
In JetBrains YouTrack before 2024.2.34646 user without appropriate permissions could enable the auto-attach option for workflows
CVSS Score
6.3
EPSS Score
0.0
Published
2024-06-18
In JetBrains YouTrack before 2024.2.34646 the Guest User Account was enabled for attaching files to articles
CVSS Score
4.3
EPSS Score
0.0
Published
2024-06-18
In JetBrains YouTrack before 2024.2.34646 user access token was sent to the third-party site
CVSS Score
5.3
EPSS Score
0.0
Published
2024-06-18
In JetBrains YouTrack before 2024.1.29548 the SMTPS protocol communication lacked proper certificate hostname validation
CVSS Score
5.9
EPSS Score
0.0
Published
2024-05-16
In JetBrains YouTrack before 2024.1.25893 user without appropriate permissions could restore issues and articles
CVSS Score
6.5
EPSS Score
0.0
Published
2024-03-07
In JetBrains YouTrack before 2024.1.25893 attaching/detaching workflow to a project was possible without project admin permissions
CVSS Score
6.5
EPSS Score
0.0
Published
2024-03-07
In JetBrains YouTrack before 2024.1.25893 creation comments on behalf of an arbitrary user in HelpDesk was possible
CVSS Score
5.3
EPSS Score
0.0
Published
2024-03-07
In JetBrains YouTrack before 2023.3.22666 stored XSS via markdown was possible
CVSS Score
4.6
EPSS Score
0.212
Published
2024-01-09