Jetbrains: >> Youtrack >> 2018.2.44329 Security Vulnerabilities
JetBrains YouTrack before 2021.3.23639 is vulnerable to Host header injection.
CVSS Score
9.8
EPSS Score
0.0
Published
2021-11-09
In JetBrains YouTrack before 2021.1.11111, sandboxing in workflows was insufficient.
CVSS Score
9.1
EPSS Score
0.0
Published
2021-08-06
In JetBrains YouTrack before 2021.2.16363, time-unsafe comparisons were used.
CVSS Score
7.5
EPSS Score
0.0
Published
2021-08-06
In JetBrains YouTrack before 2021.2.16363, system user passwords were hashed with SHA-256.
CVSS Score
5.3
EPSS Score
0.0
Published
2021-08-06
In JetBrains YouTrack before 2021.2.17925, stored XSS was possible.
CVSS Score
5.4
EPSS Score
0.0
Published
2021-08-06
In JetBrains YouTrack before 2021.2.16363, an insecure PRNG was used.
CVSS Score
7.5
EPSS Score
0.0
Published
2021-08-06
In JetBrains YouTrack before 2021.3.21051, a user could see boards without having corresponding permissions.
CVSS Score
4.3
EPSS Score
0.0
Published
2021-08-06
In JetBrains YouTrack before 2020.6.6441, stored XSS was possible via an issue attachment.
CVSS Score
5.4
EPSS Score
0.0
Published
2021-05-11
In JetBrains YouTrack before 2020.6.6600, access control during the exporting of issues was implemented improperly.
CVSS Score
7.5
EPSS Score
0.0
Published
2021-05-11
In JetBrains YouTrack before 2021.1.9819, a pull request's title was sanitized insufficiently, leading to XSS.
CVSS Score
6.1
EPSS Score
0.0
Published
2021-05-11