jetbrains

youtrack

3 Versions 35 CVEs

Versions

Recent CVEs

CVE-2024-50581

In JetBrains YouTrack before 2024.3.47707 improper HTML sanitization could lead to XSS attack via comment tag

MEDIUM Oct 28, 2024

CVE-2024-50580

In JetBrains YouTrack before 2024.3.47707 multiple XSS were possible due to insecure markdown parsing and custom rendering rule

MEDIUM Oct 28, 2024

CVE-2024-49579

In JetBrains YouTrack before 2024.3.47197 insecure plugin iframe allowed arbitrary JavaScript execution and unauthorized API requests

HIGH Oct 17, 2024

CVE-2024-47162

In JetBrains YouTrack before 2024.3.44799 token could be revealed on Imports page

MEDIUM Sep 19, 2024

CVE-2024-47160

In JetBrains YouTrack before 2024.3.44799 access to global app config data without appropriate permissions was possible

MEDIUM Sep 19, 2024

CVE-2024-47159

In JetBrains YouTrack before 2024.3.44799 user without appropriate permissions could restore workflows attached to a project

MEDIUM Sep 19, 2024

CVE-2023-50871

In JetBrains YouTrack before 2023.3.22268 authorization check for inline comments inside thread replies was missed

MEDIUM Dec 15, 2023

CVE-2023-38068

In JetBrains YouTrack before 2023.1.16597 captcha was not properly validated for Helpdesk forms

MEDIUM Jul 12, 2023

CVE-2023-35054

In JetBrains YouTrack before 2023.1.10518 stored XSS in a Markdown-rendering engine was possible

MEDIUM Jun 12, 2023

CVE-2023-35053

In JetBrains YouTrack before 2023.1.10518 a DoS attack was possible via Helpdesk forms

HIGH Jun 12, 2023

youtrack

Versions

2022.1.43563

0

2022.1.43700

Recent CVEs

CVE-2024-50581

CVE-2024-50580

CVE-2024-49579

CVE-2024-47162

CVE-2024-47160

CVE-2024-47159

CVE-2023-50871

CVE-2023-38068

CVE-2023-35054

CVE-2023-35053