In JetBrains Hub before 2021.1.13389, account takeover was possible during password reset.
9.8CVSS
9.5AI Score
0.002EPSS
In JetBrains Hub before 2021.1.13690, the authentication throttling mechanism could be bypassed.
9.8CVSS
9.5AI Score
0.003EPSS
JetBrains Hub before 2021.1.14276 was vulnerable to blind Server-Side Request Forgery (SSRF).
9.1CVSS
9.2AI Score
0.002EPSS
9.8CVSS
9.4AI Score
0.002EPSS
In JetBrains Hub before 2023.1.15725 SSRF protection in Auth Module integration was missing
9.8CVSS
9.3AI Score
0.002EPSS