In JetBrains YouTrack before 2024.2.34646 user without appropriate permissions could enable the auto-attach option for...
6.3CVSS
6.4AI Score
0.0004EPSS
In JetBrains YouTrack before 2024.2.34646 user access token was sent to the third-party...
5.3CVSS
5.3AI Score
0.0004EPSS
In JetBrains YouTrack before 2024.2.34646 the Guest User Account was enabled for attaching files to...
4.3CVSS
4.8AI Score
0.0004EPSS
In JetBrains YouTrack before 2024.1.29548 the SMTPS protocol communication lacked proper certificate hostname...
5.9CVSS
6.9AI Score
0.0004EPSS
In JetBrains YouTrack before 2024.1.25893 user without appropriate permissions could restore issues and...
6.5CVSS
6.5AI Score
0.0004EPSS
In JetBrains YouTrack before 2024.1.25893 attaching/detaching workflow to a project was possible without project admin...
6.5CVSS
6.4AI Score
0.0004EPSS
In JetBrains YouTrack before 2024.1.25893 creation comments on behalf of an arbitrary user in HelpDesk was...
5.3CVSS
5.4AI Score
0.0004EPSS
5.4CVSS
5.2AI Score
0.0004EPSS
In JetBrains YouTrack before 2023.3.22268 authorization check for inline comments inside thread replies was...
4.3CVSS
4.8AI Score
0.0004EPSS
In JetBrains YouTrack before 2023.1.16597 captcha was not properly validated for Helpdesk...
7.3CVSS
7.2AI Score
0.001EPSS
In JetBrains YouTrack before 2023.1.10518 a DoS attack was possible via Helpdesk...
7.5CVSS
7.5AI Score
0.001EPSS
In JetBrains YouTrack before 2023.1.10518 stored XSS in a Markdown-rendering engine was...
5.4CVSS
5.2AI Score
0.0005EPSS
In JetBrains YouTrack before 2022.1.43700 it was possible to inject JavaScript into Markdown in the YouTrack Classic...
7.3CVSS
5.4AI Score
0.001EPSS
In JetBrains YouTrack before 2022.1.43563 it was possible to include an iframe from a third-party domain in the issue...
5.4CVSS
5.4AI Score
0.001EPSS
In JetBrains YouTrack before 2022.1.43563 HTML code from the issue description was being...
5.7CVSS
5.6AI Score
0.001EPSS
JetBrains YouTrack before 2021.4.40426 was vulnerable to SSTI (Server-Side Template Injection) via FreeMarker...
9.8CVSS
9.4AI Score
0.002EPSS
JetBrains YouTrack before 2021.4.36872 was vulnerable to stored XSS via a project...
5.4CVSS
5.1AI Score
0.001EPSS
In JetBrains YouTrack before 2021.4.31698, a custom logo could be set by a user who has read-only...
4.3CVSS
4.6AI Score
0.001EPSS
JetBrains YouTrack before 2021.4.31698 was vulnerable to stored XSS on the Notification templates...
5.4CVSS
5.1AI Score
0.001EPSS
In JetBrains YouTrack Mobile before 2021.2, access token protection on Android is...
7.3CVSS
7.1AI Score
0.001EPSS
JetBrains YouTrack Mobile before 2021.2, is missing the security screen on Android and...
5.3CVSS
5.3AI Score
0.001EPSS
5.3CVSS
5AI Score
0.001EPSS
5.4CVSS
5.4AI Score
0.001EPSS
7.3CVSS
6.9AI Score
0.001EPSS
In JetBrains YouTrack Mobile before 2021.2, the client-side cache on iOS could contain sensitive...
5.3CVSS
5AI Score
0.001EPSS
5.3CVSS
5.3AI Score
0.001EPSS
9.8CVSS
9.6AI Score
0.002EPSS
5.4CVSS
5.2AI Score
0.001EPSS
5.4CVSS
5.1AI Score
0.001EPSS
7.5CVSS
7.5AI Score
0.001EPSS
In JetBrains YouTrack before 2021.3.21051, a user could see boards without having corresponding...
4.3CVSS
4.6AI Score
0.001EPSS
9.1CVSS
9.1AI Score
0.002EPSS
In JetBrains YouTrack before 2021.2.16363, system user passwords were hashed with...
5.3CVSS
5.3AI Score
0.001EPSS
7.5CVSS
7.5AI Score
0.002EPSS
In JetBrains YouTrack before 2020.6.8801, information disclosure in an issue preview was...
7.5CVSS
7.2AI Score
0.002EPSS
In JetBrains YouTrack before 2020.6.6600, access control during the exporting of issues was implemented...
7.5CVSS
7.5AI Score
0.001EPSS
In JetBrains YouTrack before 2021.1.9819, a pull request's title was sanitized insufficiently, leading to...
6.1CVSS
6.2AI Score
0.001EPSS
5.4CVSS
5.2AI Score
0.001EPSS
In JetBrains YouTrack before 2020.4.4701, permissions for attachments actions were checked...
5.3CVSS
5.4AI Score
0.001EPSS
In JetBrains YouTrack before 2020.5.3123, server-side template injection (SSTI) was possible, which could lead to code...
9.8CVSS
9.6AI Score
0.012EPSS
In JetBrains YouTrack before 2020.6.1099, project information could be potentially...
4.3CVSS
4.5AI Score
0.001EPSS
In JetBrains YouTrack before 2020.6.1767, an issue's existence could be disclosed via YouTrack command...
5.3CVSS
5.5AI Score
0.001EPSS
In JetBrains YouTrack before 2020.4.6808, the YouTrack administrator wasn't able to access...
7.5CVSS
7.4AI Score
0.001EPSS
8.8CVSS
8.7AI Score
0.001EPSS
5.3CVSS
5.4AI Score
0.001EPSS
In JetBrains YouTrack before 2020.4.4701, an attacker could enumerate users via the REST API without appropriate...
5.3CVSS
5.3AI Score
0.001EPSS
5.3CVSS
5.3AI Score
0.001EPSS
In JetBrains YouTrack before 2020.3.888, notifications might have mentioned inaccessible...
5.3CVSS
5.3AI Score
0.001EPSS
5.3CVSS
5.3AI Score
0.001EPSS
In JetBrains YouTrack before 2020.3.6638, improper access control for some subresources leads to information disclosure via the REST...
7.5CVSS
7.2AI Score
0.002EPSS