Jetbrains: >> Youtrack >> 2019.2.56594 Security Vulnerabilities
In JetBrains YouTrack before 2020.2.6881, a user without permission is able to create an article draft.
CVSS Score
6.5
EPSS Score
0.0
Published
2020-08-08
JetBrains YouTrack before 2020.2.8873 is vulnerable to SSRF in the Workflow component.
CVSS Score
7.5
EPSS Score
0.0
Published
2020-08-08
In JetBrains YouTrack before 2020.1.1331, an external user could execute commands against arbitrary issues.
CVSS Score
8.8
EPSS Score
0.0
Published
2020-08-08
In JetBrains YouTrack before 2020.2.8527, the subtasks workflow could disclose issue existence.
CVSS Score
5.3
EPSS Score
0.0
Published
2020-08-08
JetBrains YouTrack before 2020.2.10643 was vulnerable to SSRF that allowed scanning internal ports.
CVSS Score
5.3
EPSS Score
0.0
Published
2020-08-08
In JetBrains YouTrack before 2020.1.659, DB export was accessible to read-only administrators.
CVSS Score
2.7
EPSS Score
0.0
Published
2020-04-22
JetBrains YouTrack before 2020.1.659 was vulnerable to DoS that could be caused by attaching a malformed TIFF file to an issue.
CVSS Score
7.5
EPSS Score
0.0
Published
2020-04-22
In JetBrains YouTrack before 2019.2.59309, SMTP/Jabber settings could be accessed using backups.
CVSS Score
5.3
EPSS Score
0.0
Published
2020-01-30
JetBrains YouTrack 2019.2 before 2019.2.59309 was vulnerable to XSS via an issue description.
CVSS Score
6.1
EPSS Score
0.0
Published
2020-01-30
In JetBrains YouTrack through 2019.2.56594, stored XSS was found on the issue page.
CVSS Score
6.1
EPSS Score
0.0
Published
2019-10-02