2 matches found
CVE-2022-24442
JetBrains YouTrack before 2021.4.40426 was vulnerable to SSTI Server-Side Template Injection via FreeMarker templates...
CVE-2022-24442
JetBrains YouTrack (pre-2021.4.40426) is affected by SSTI via FreeMarker templates. The issue, CVE-2022-24442, allows server-side template injection and may enable remote code execution; the fix is to update to 2021.4.40426 or later. A public exploit PoC exists on GitHub outlining the RCE possibi...