Jetbrains: >> Youtrack >> 2018.4.49168 Security Vulnerabilities
JetBrains YouTrack before 2019.2.53938 was using incorrect settings, allowing a user without necessary permissions to get other project names.
CVSS Score
4.3
EPSS Score
0.0
Published
2019-10-02
JetBrains YouTrack versions before 2019.1.52545 allowed unbounded URL whitelisting because of Inclusion of Functionality from an Untrusted Control Sphere.
CVSS Score
6.1
EPSS Score
0.0
Published
2019-10-01
JetBrains YouTrack versions before 2019.2.53938 had a possible XSS through issue attachments when using the Firefox browser.
CVSS Score
6.1
EPSS Score
0.0
Published
2019-10-01
JetBrains YouTrack versions before 2019.1.52584 had a possible XSS in the issue titles.
CVSS Score
6.1
EPSS Score
0.0
Published
2019-10-01
A CSRF vulnerability was detected in one of the admin endpoints of JetBrains YouTrack. The issue was fixed in YouTrack 2018.4.49852.
CVSS Score
8.8
EPSS Score
0.0
Published
2019-07-03
Page 9