3 matches found
CVE-2022-28648
In JetBrains YouTrack before 2022.1.43563 HTML code from the issue description was being rendered...
CVE-2022-28648
creationtimestamp| type| source ---|---|--- 2022-04-05 22:29:06+00:00| seen| https://t.me/cibsecurity/40194...
CVE-2022-28648
Summary: CVE-2022-28648 concerns JetBrains YouTrack prior to version 2022.1.43563, where HTML from the issue description could be rendered in the UI, creating a potential cross-site scripting (XSS) issue. The CNVD entry additionally notes risk of cookie-based credential theft in relation to YouTr...