Lucene search
+L

4 matches found

CVE
CVE
added 2019/10/01 4:43 p.m.108 views

CVE-2019-14961

JetBrains Upsource prior to 2019.1.1412 is affected by a Cross‑Site Scripting (XSS) vulnerability due to insufficient escaping of code blocks (HTML tags) in code block comments. The issue is documented across multiple sources (e.g., CVE-2019-14961, JetBrains Security Bulletin Q2 2019) and is reso...

6.1CVSS6.2AI score0.00785EPSS
CVE
CVE
added 2020/08/08 8:52 p.m.72 views

CVE-2019-19704

CVE-2019-19704 affects JetBrains Upsource prior to 2020.1, where an incorrect user matching algorithm could lead to information disclosure. The Red Hat/CNVD/NVD entries corroborate that Upsource before 2020.1 is vulnerable due to this issue. The Red Hat entry and CNVD descriptions consistently st...

7.5CVSS7.2AI score0.01345EPSS
CVE
CVE
added 2019/10/02 6:52 p.m.56 views

CVE-2019-12156

CVE-2019-12156 affects JetBrains TeamCity (before 2018.2.5) and UpSource (before 2018.2 build 1293). Root cause: an error message could reflect the entire server response, leading to exposure of server metadata. Impact: potential disclosure of sensitive information via error responses. Remediatio...

5.3CVSS5.2AI score0.00904EPSS
CVE
CVE
added 2021/05/11 12:16 p.m.53 views

CVE-2021-30482

Affected software: JetBrains Upsource (prior to 2020.1.1883). The CVE-2021-30482 issue is that application passwords were not revoked correctly due to a flaw in Upsource’s password handling. Impact is stated as High risk; remediation: upgrade to version 2020.1.1883 or later where the issue is fix...

7.5CVSS7.5AI score0.00944EPSS