6 matches found
CVE-2024-47159
In JetBrains YouTrack before 2024.3.44799 user without appropriate permissions could restore workflows attached to a project
CVE-2022-24343
In JetBrains YouTrack before 2021.4.31698, a custom logo could be set by a user who has read-only permissions.
CVE-2021-37554
In JetBrains YouTrack before 2021.3.21051, a user could see boards without having corresponding permissions.
CVE-2019-14956
JetBrains YouTrack before 2019.2.53938 was using incorrect settings, allowing a user without necessary permissions to get other project names.
CVE-2020-11692
In JetBrains YouTrack before 2020.1.659, DB export was accessible to read-only administrators.
CVE-2023-50871
In JetBrains YouTrack before 2023.3.22268 authorization check for inline comments inside thread replies was missed