Lucene search
+L

1125 matches found

prion
prion
added 2019/10/02 7:15 p.m.18 views

Cross site request forgery (csrf)

JetBrains YouTrack versions before 2019.1 had a CSRF vulnerability on the settings page...

6.8CVSS8.6AI score0.00759EPSS
Exploits0References1Affected Software1
prion
prion
added 2019/10/02 7:15 p.m.23 views

Cross site scripting

In JetBrains YouTrack through 2019.2.56594, stored XSS was found on the issue page...

4.3CVSS5.9AI score0.01082EPSS
Exploits0References1Affected Software1
prion
prion
added 2019/10/02 7:15 p.m.21 views

Design/Logic Flaw

JetBrains YouTrack before 2019.2.53938 was using incorrect settings, allowing a user without necessary permissions to get other project names...

4CVSS4.7AI score0.00984EPSS
Exploits0References1Affected Software1
cvelist
cvelist
added 2019/10/02 6:41 p.m.26 views

CVE-2019-14956

JetBrains YouTrack before 2019.2.53938 was using incorrect settings, allowing a user without necessary permissions to get other project names...

5.6AI score0.00984EPSS
Exploits0References1
cve
cve
added 2019/10/02 6:41 p.m.52 views

CVE-2019-14956

JetBrains YouTrack before 2019.2.53938 is affected by CVE-2019-14956, where incorrect settings allowed a user without sufficient permissions to obtain names of other projects. Red Hat and CVE trackers confirm the issue and the YouTrack entry on the JetBrains Q2 2019 security bulletin links the CV...

4.3CVSS4.6AI score0.00984EPSS
Exploits0References1Affected Software1
cve
cve
added 2019/10/02 6:32 p.m.50 views

CVE-2019-15040

JetBrains YouTrack is affected by a Cross-Site Request Forgery (CSRF) vulnerability on the settings page in versions prior to 2019.1. The issue is described consistently across multiple connected sources (Red Hat, CNVD, CNVD, NVD mirror entries) as a CSRF in YouTrack before 2019.1. The CVE entry ...

8.8CVSS8.6AI score0.00759EPSS
Exploits0References1Affected Software1
cvelist
cvelist
added 2019/10/02 6:32 p.m.28 views

CVE-2019-15040

JetBrains YouTrack versions before 2019.1 had a CSRF vulnerability on the settings page...

9.1AI score0.00759EPSS
Exploits0References1
cve
cve
added 2019/10/02 6:24 p.m.47 views

CVE-2019-16171

CVE-2019-16171 affects JetBrains YouTrack (through 2019.2.56594). Multiple connected sources confirm a Stored XSS on the issue page . The vulnerability is described consistently across Red Hat, CNVD, CNVD-2019-41873, NVD, and related CVE lists. The reports do not provide specific product versions...

6.1CVSS5.9AI score0.01082EPSS
Exploits0References1Affected Software1
cvelist
cvelist
added 2019/10/02 6:24 p.m.32 views

CVE-2019-16171

In JetBrains YouTrack through 2019.2.56594, stored XSS was found on the issue page...

6.7AI score0.01082EPSS
Exploits0References1
nvd
nvd
added 2019/10/01 8:15 p.m.25 views

CVE-2019-15041

JetBrains YouTrack versions before 2019.1.52545 allowed unbounded URL whitelisting because of Inclusion of Functionality from an Untrusted Control Sphere...

6.1CVSS7AI score0.01047EPSS
Exploits0References1
osv
osv
added 2019/10/01 8:15 p.m.4 views

CVE-2019-15041

JetBrains YouTrack versions before 2019.1.52545 allowed unbounded URL whitelisting because of Inclusion of Functionality from an Untrusted Control Sphere...

6.1CVSS6.4AI score0.01047EPSS
Exploits0References1
prion
prion
added 2019/10/01 8:15 p.m.19 views

Design/Logic Flaw

JetBrains YouTrack versions before 2019.1.52545 allowed unbounded URL whitelisting because of Inclusion of Functionality from an Untrusted Control Sphere...

5.8CVSS6.3AI score0.01047EPSS
Exploits0References1Affected Software1
cvelist
cvelist
added 2019/10/01 7:35 p.m.22 views

CVE-2019-15041

JetBrains YouTrack versions before 2019.1.52545 allowed unbounded URL whitelisting because of Inclusion of Functionality from an Untrusted Control Sphere...

7AI score0.01047EPSS
Exploits0References1
cve
cve
added 2019/10/01 7:35 p.m.109 views

CVE-2019-15041

CVE-2019-15041 affects JetBrains YouTrack. YouTrack versions before 2019.1.52545 allow unbounded URL whitelisting due to Inclusion of Functionality from an Untrusted Control Sphere. Public sources (Red Hat, CNVD, CVE listings) confirm the issue and associate the fixed build with YouTrack 2019.1.5...

6.1CVSS6.3AI score0.01047EPSS
Exploits0References1Affected Software1
osv
osv
added 2019/10/01 4:15 p.m.3 views

CVE-2019-14953

JetBrains YouTrack versions before 2019.2.53938 had a possible XSS through issue attachments when using the Firefox browser...

6.1CVSS6.4AI score0.00868EPSS
Exploits0References1
nvd
nvd
added 2019/10/01 4:15 p.m.28 views

CVE-2019-14953

JetBrains YouTrack versions before 2019.2.53938 had a possible XSS through issue attachments when using the Firefox browser...

6.1CVSS6.6AI score0.00868EPSS
Exploits0References1
prion
prion
added 2019/10/01 4:15 p.m.16 views

Cross site scripting

JetBrains YouTrack versions before 2019.2.53938 had a possible XSS through issue attachments when using the Firefox browser...

4.3CVSS5.9AI score0.00868EPSS
Exploits0References1Affected Software1
cvelist
cvelist
added 2019/10/01 3:48 p.m.24 views

CVE-2019-14953

JetBrains YouTrack versions before 2019.2.53938 had a possible XSS through issue attachments when using the Firefox browser...

6.6AI score0.00868EPSS
Exploits0References1
cve
cve
added 2019/10/01 3:48 p.m.89 views

CVE-2019-14953

CVE-2019-14953 affects JetBrains YouTrack versions before 2019.2.53938. The issue is a stored XSS via issue attachments when using Firefox, attributed to insufficient validation of client data in the web application. Impact is client-side code execution in affected YouTrack deployments. The fix i...

6.1CVSS5.9AI score0.00868EPSS
Exploits0References1Affected Software1
osv
osv
added 2019/10/01 2:15 p.m.5 views

CVE-2019-14952

JetBrains YouTrack versions before 2019.1.52584 had a possible XSS in the issue titles...

6.1CVSS6.4AI score0.01051EPSS
Exploits0References1
Rows per page
Query Builder