Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
JetbrainsYoutrack*

7 matches found

CVE
CVEadded 2022/04/05 6:15 p.m.88 views

CVE-2022-28650

In JetBrains YouTrack before 2022.1.43700 it was possible to inject JavaScript into Markdown in the YouTrack Classic UI

7.3CVSS5.4AI score0.00009EPSS
CVE
CVEadded 2022/02/25 3:15 p.m.82 views

CVE-2022-24344

JetBrains YouTrack before 2021.4.31698 was vulnerable to stored XSS on the Notification templates page.

5.4CVSS5.1AI score0.00009EPSS
CVE
CVEadded 2022/02/25 3:15 p.m.78 views

CVE-2022-24347

JetBrains YouTrack before 2021.4.36872 was vulnerable to stored XSS via a project icon.

5.4CVSS5.1AI score0.00009EPSS
CVE
CVEadded 2022/04/05 6:15 p.m.67 views

CVE-2022-28648

In JetBrains YouTrack before 2022.1.43563 HTML code from the issue description was being rendered

5.7CVSS5.6AI score0.00004EPSS
CVE
CVEadded 2022/02/25 3:15 p.m.62 views

CVE-2022-24343

In JetBrains YouTrack before 2021.4.31698, a custom logo could be set by a user who has read-only permissions.

4.3CVSS4.6AI score0.00002EPSS
CVE
CVEadded 2022/04/05 6:15 p.m.62 views

CVE-2022-28649

In JetBrains YouTrack before 2022.1.43563 it was possible to include an iframe from a third-party domain in the issue description

5.4CVSS5.4AI score0.00003EPSS
CVE
CVEadded 2022/02/25 8:15 p.m.54 views

CVE-2022-24442

JetBrains YouTrack before 2021.4.40426 was vulnerable to SSTI (Server-Side Template Injection) via FreeMarker templates.

9.8CVSS9.4AI score0.00017EPSS