Vulnerabilities > Jetbrains

DATE CVE VULNERABILITY TITLE RISK
2020-02-21 CVE-2020-7907 Information Exposure vulnerability in Jetbrains Scala
In the JetBrains Scala plugin before 2019.2.1, some artefact dependencies were resolved over unencrypted connections.
network
low complexity
jetbrains CWE-200
5.0
2020-01-31 CVE-2020-7914 Information Exposure vulnerability in Jetbrains Intellij Idea
In JetBrains IntelliJ IDEA 2019.2, an XSLT debugger plugin misconfiguration allows arbitrary file read operations over the network.
network
low complexity
jetbrains CWE-200
5.0
2020-01-30 CVE-2020-7913 Cross-site Scripting vulnerability in Jetbrains Youtrack
JetBrains YouTrack 2019.2 before 2019.2.59309 was vulnerable to XSS via an issue description.
network
jetbrains CWE-79
4.3
2020-01-30 CVE-2020-7912 Exposure of Resource to Wrong Sphere vulnerability in Jetbrains Youtrack
In JetBrains YouTrack before 2019.2.59309, SMTP/Jabber settings could be accessed using backups.
network
low complexity
jetbrains CWE-668
5.0
2020-01-30 CVE-2020-7911 Cross-site Scripting vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2019.2, several user-level pages were vulnerable to XSS.
network
jetbrains CWE-79
4.3
2020-01-30 CVE-2020-7910 Cross-site Scripting vulnerability in Jetbrains Teamcity
JetBrains TeamCity before 2019.2 was vulnerable to a stored XSS attack by a user with the developer role.
network
jetbrains CWE-79
3.5
2020-01-30 CVE-2020-7909 Insufficiently Protected Credentials vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2019.1.5, some server-stored passwords could be shown via the web UI.
network
low complexity
jetbrains CWE-522
5.0
2020-01-30 CVE-2020-7908 Insufficiently Protected Credentials vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2019.1.5, reverse tabnabbing was possible on several pages.
network
jetbrains CWE-522
4.3
2020-01-30 CVE-2020-7906 Improper Verification of Cryptographic Signature vulnerability in Jetbrains Rider 2019.3.0
In JetBrains Rider versions 2019.3 EAP2 through 2019.3 EAP7, there were unsigned binaries provided by the Windows installer.
network
low complexity
jetbrains CWE-347
5.0
2020-01-30 CVE-2020-7905 Information Exposure vulnerability in Jetbrains Intellij Idea
Ports listened to by JetBrains IntelliJ IDEA before 2019.3 were exposed to the network.
network
low complexity
jetbrains CWE-200
5.0