Jetbrains: >> Youtrack Security Vulnerabilities
In JetBrains YouTrack before 2024.2.34646 user without appropriate permissions could enable the auto-attach option for workflows
CVSS Score
6.3
EPSS Score
0.0
Published
2024-06-18
In JetBrains YouTrack before 2024.2.34646 the Guest User Account was enabled for attaching files to articles
CVSS Score
4.3
EPSS Score
0.0
Published
2024-06-18
In JetBrains YouTrack before 2024.2.34646 user access token was sent to the third-party site
CVSS Score
5.3
EPSS Score
0.0
Published
2024-06-18
In JetBrains YouTrack before 2024.1.29548 the SMTPS protocol communication lacked proper certificate hostname validation
CVSS Score
5.9
EPSS Score
0.0
Published
2024-05-16
In JetBrains YouTrack before 2024.1.25893 user without appropriate permissions could restore issues and articles
CVSS Score
6.5
EPSS Score
0.0
Published
2024-03-07
In JetBrains YouTrack before 2024.1.25893 attaching/detaching workflow to a project was possible without project admin permissions
CVSS Score
6.5
EPSS Score
0.0
Published
2024-03-07
In JetBrains YouTrack before 2024.1.25893 creation comments on behalf of an arbitrary user in HelpDesk was possible
CVSS Score
5.3
EPSS Score
0.0
Published
2024-03-07
In JetBrains YouTrack before 2023.3.22666 stored XSS via markdown was possible
CVSS Score
4.6
EPSS Score
0.3
Published
2024-01-09
In JetBrains YouTrack before 2023.3.22268 authorization check for inline comments inside thread replies was missed
CVSS Score
4.3
EPSS Score
0.0
Published
2023-12-15
In JetBrains YouTrack before 2023.1.16597 captcha was not properly validated for Helpdesk forms
CVSS Score
6.5
EPSS Score
0.0
Published
2023-07-12