CVE-2026-57923

CVE-2026-57923 affects JetBrains YouTrack prior to 2026.2.16593. The issue is an improper authorization flaw in the app configurations endpoint that permits modifying project settings. According to the record, the vulnerability has a CVSS 3.1 base score of 5.3 (Medium) with network attack vector,...

JetBrains YouTrack 安全漏洞

JetBrains YouTrack is a browser-based error tracking and project management software developed by Czech company JetBrains. This software features error tracking, the ability to create workflows, and monitoring of project progress. Versions of JetBrains YouTrack prior to 2026.1.13570 contained...

CVE-2026-33392

CVE-2026-33392 affects JetBrains YouTrack prior to version 2025.3.131383. The vulnerability enables a remote code execution (RCE) by a high-privilege user via a sandbox bypass. The available descriptions indicate an attacker with high privileges can trigger code execution, with impact on confiden...

CVE-2021-27733

In JetBrains YouTrack before 2020.6.6441, stored XSS was possible via an issue attachment...

CVE-2025-64685

In JetBrains YouTrack before 2025.3.104432 missing TLS certificate validation enabled data disclosure...

PT-2025-46155

Name of the Vulnerable Software and Affected Versions JetBrains YouTrack versions prior to 2025.3.104432 Description A flaw exists in JetBrains YouTrack where incomplete user principal cleanup can result in the reuse of an incorrect authorization context. Recommendations Update to version...

JetBrains YouTrack 信任管理问题漏洞

JetBrains YouTrack is a browser-based bug tracking and project management software from the Czech company JetBrains. The software features bug tracking, creating workflows and monitoring project progress. A trust management issue vulnerability exists in versions prior to JetBrains YouTrack...

EUVD-2021-30128

Malicious code in bioql PyPI...

EUVD-2022-29241

Malicious code in bioql PyPI...

CVE-2025-57731

In JetBrains YouTrack before 2025.2.92387 stored XSS was possible via Mermaid diagram content...

JetBrains YouTrack 跨站脚本漏洞

JetBrains YouTrack is a project management tool developed by the Czech company JetBrains. JetBrains YouTrack suffers from a cross-site scripting vulnerability that stems from the content of Mermaid charts, no details of the vulnerability are provided at this time...

CVE-2024-28230

In JetBrains YouTrack before 2024.1.25893 attaching/detaching workflow to a project was possible without project admin permissions...

CVE-2022-24347

JetBrains YouTrack before 2021.4.36872 was vulnerable to stored XSS via a project icon...

CVE-2021-37550

In JetBrains YouTrack before 2021.2.16363, time-unsafe comparisons were used...

CVE-2021-43186

JetBrains YouTrack before 2021.3.24402 is vulnerable to stored XSS...

CVE-2021-37554

In JetBrains YouTrack before 2021.3.21051, a user could see boards without having corresponding permissions...

CVE-2020-15821

In JetBrains YouTrack before 2020.2.6881, a user without permission is able to create an article draft...

CVE-2020-15822

In JetBrains YouTrack before 2020.2.10514, SSRF is possible because URL filtering can be escaped...

CVE-2020-25210

In JetBrains YouTrack before 2020.3.7955, an attacker could access workflow rules without appropriate access grants...

CVE-2020-15819

JetBrains YouTrack before 2020.2.10643 was vulnerable to SSRF that allowed scanning internal ports...