Jetbrains: >> Youtrack Security Vulnerabilities
In JetBrains YouTrack versions before 2020.3.4313, 2020.2.11008, 2020.1.11011, 2019.1.65514, 2019.2.65515, and 2019.3.65516, an attacker can retrieve an issue description without appropriate access.
CVSS Score
6.5
EPSS Score
0.0
Published
2020-08-27
In JetBrains YouTrack before 2020.2.6881, the markdown parser could disclose hidden file existence.
CVSS Score
5.3
EPSS Score
0.0
Published
2020-08-08
In JetBrains YouTrack before 2020.2.6881, a user without permission is able to create an article draft.
CVSS Score
6.5
EPSS Score
0.0
Published
2020-08-08
JetBrains YouTrack before 2020.2.8873 is vulnerable to SSRF in the Workflow component.
CVSS Score
7.5
EPSS Score
0.0
Published
2020-08-08
In JetBrains YouTrack before 2020.1.1331, an external user could execute commands against arbitrary issues.
CVSS Score
8.8
EPSS Score
0.0
Published
2020-08-08
In JetBrains YouTrack before 2020.2.8527, the subtasks workflow could disclose issue existence.
CVSS Score
5.3
EPSS Score
0.0
Published
2020-08-08
JetBrains YouTrack before 2020.2.10643 was vulnerable to SSRF that allowed scanning internal ports.
CVSS Score
5.3
EPSS Score
0.0
Published
2020-08-08
In JetBrains YouTrack before 2020.1.659, DB export was accessible to read-only administrators.
CVSS Score
2.7
EPSS Score
0.0
Published
2020-04-22
JetBrains YouTrack before 2020.1.659 was vulnerable to DoS that could be caused by attaching a malformed TIFF file to an issue.
CVSS Score
7.5
EPSS Score
0.0
Published
2020-04-22
In JetBrains YouTrack before 2019.2.59309, SMTP/Jabber settings could be accessed using backups.
CVSS Score
5.3
EPSS Score
0.0
Published
2020-01-30