1120 matches found
CVE-2026-61492
In JetBrains YouTrack before 2026.2.17394 stored XSS via article titles in digest emails was possible...
CVE-2026-59791
In JetBrains YouTrack before 2026.2.17012 cSS injection via Mermaid diagram rendering was possible...
CVE-2026-61492
The provided connected documents identify a concrete vulnerability in JetBrains YouTrack: stored XSS via article titles in digest emails, affecting versions prior to 2026.2.17394. The exact root cause is not detailed beyond this description, and there are no explicit exploit details or remediatio...
EUVD-2026-42915
In JetBrains YouTrack before 2026.2.17394 stored XSS via article titles in digest emails was possible...
CVE-2026-61492
In JetBrains YouTrack before 2026.2.17394 stored XSS via article titles in digest emails was possible...
CVE-2026-59791
The CVE-2026-59791 affects JetBrains YouTrack prior to version 2026.2.17012, where CSS injection was possible through Mermaid diagram rendering. According to the available sources, the vulnerability is tied to the Mermaid diagram rendering component and could impact user interface rendering, with...
EUVD-2026-42909
In JetBrains YouTrack before 2026.2.17012 cSS injection via Mermaid diagram rendering was possible...
CVE-2026-59791
In JetBrains YouTrack before 2026.2.17012 cSS injection via Mermaid diagram rendering was possible...
EUVD-2026-39657
In JetBrains YouTrack before 2026.2.16593 improper access control allowed reading saved queries and tags...
EUVD-2026-39654
In JetBrains YouTrack before 2026.2.16593 project settings disclosure via the MCP was possible...
EUVD-2026-39656
In JetBrains YouTrack before 2026.2.16593 default role configuration exposed excessive user profile details...
EUVD-2026-39653
In JetBrains YouTrack before 2026.2.16593 improper access control allowed reading users' private data via the comment templates endpoint...
CVE-2026-57923
In JetBrains YouTrack before 2026.2.16593 improper authorisation in the app configurations endpoint allowed modifying project settings...
CVE-2026-57925
In JetBrains YouTrack before 2026.2.16593 improper access control allowed reading saved queries and tags...
CVE-2026-57924
In JetBrains YouTrack before 2026.2.16593 default role configuration exposed excessive user profile details...
CVE-2026-57926
In JetBrains YouTrack before 2026.2.16593 the websandbox bridge was vulnerable to a prototype pollution attack...
CVE-2026-57921
In JetBrains YouTrack before 2026.2.16593 improper access control allowed reading users' private data via the comment templates endpoint...
CVE-2026-57922
In JetBrains YouTrack before 2026.2.16593 project settings disclosure via the MCP was possible...
CVE-2026-57925
In JetBrains YouTrack before 2026.2.16593 improper access control allowed reading saved queries and tags...
CVE-2026-57926
In JetBrains YouTrack before 2026.2.16593 the websandbox bridge was vulnerable to a prototype pollution attack...