Lucene search
Youtrack Security Vulnerabilities - February 2022
cve
In JetBrains YouTrack before 2021.4.31698, a custom logo could be set by a user who has read-only permissions.
4.3CVSS
4.6AI Score
0.001EPSS
2022-02-25 03:15 PM
52
cve
JetBrains YouTrack before 2021.4.31698 was vulnerable to stored XSS on the Notification templates page.
5.4CVSS
5.1AI Score
0.001EPSS
2022-02-25 03:15 PM
72
cve
JetBrains YouTrack before 2021.4.36872 was vulnerable to stored XSS via a project icon.
5.4CVSS
5.1AI Score
0.001EPSS
2022-02-25 03:15 PM
68
cve
JetBrains YouTrack before 2021.4.40426 was vulnerable to SSTI (Server-Side Template Injection) via FreeMarker templates.
9.8CVSS
9.4AI Score
0.002EPSS
2022-02-25 08:15 PM
38