Vulnerabilities > Jetbrains

DATE	CVE	VULNERABILITY TITLE	RISK
2019-10-01	CVE-2019-14955	Weak Password Recovery Mechanism for Forgotten Password vulnerability in Jetbrains HUB In JetBrains Hub versions earlier than 2018.4.11436, there was no option to force a user to change the password and no password expiration policy was implemented. network low complexity jetbrains CWE-640	5.3
2019-10-01	CVE-2019-14953	Cross-site Scripting vulnerability in Jetbrains Youtrack JetBrains YouTrack versions before 2019.2.53938 had a possible XSS through issue attachments when using the Firefox browser. network low complexity jetbrains CWE-79	6.1
2019-10-01	CVE-2019-15039	Path Traversal vulnerability in Jetbrains Teamcity 2018.2.4 An issue was discovered in JetBrains TeamCity 2018.2.4. network low complexity jetbrains CWE-22 critical	9.8
2019-10-01	CVE-2019-14954	Cleartext Transmission of Sensitive Information vulnerability in Jetbrains Intellij Idea JetBrains IntelliJ IDEA before 2019.2 was resolving the markdown plantuml artifact download link via a cleartext http connection. network high complexity jetbrains CWE-319	5.9
2019-10-01	CVE-2019-14952	Cross-site Scripting vulnerability in Jetbrains Youtrack JetBrains YouTrack versions before 2019.1.52584 had a possible XSS in the issue titles. network low complexity jetbrains CWE-79	6.1
2019-09-05	CVE-2019-15848	Cross-site Scripting vulnerability in Jetbrains Teamcity 2019.1/2019.1.1 JetBrains TeamCity 2019.1 and 2019.1.1 allows cross-site scripting (XSS), potentially making it possible to send an arbitrary HTTP request to a TeamCity server under the name of the currently logged-in user. network low complexity jetbrains CWE-79	6.1
2019-07-03	CVE-2019-12852	Server-Side Request Forgery (SSRF) vulnerability in Jetbrains Youtrack An SSRF attack was possible on a JetBrains YouTrack server. network low complexity jetbrains CWE-918 critical	9.8
2019-07-03	CVE-2019-12846	Unspecified vulnerability in Jetbrains Teamcity A user without the required permissions could gain access to some JetBrains TeamCity settings. network low complexity jetbrains	4.3
2019-07-03	CVE-2019-12845	Improper Authentication vulnerability in Jetbrains Teamcity The generated Kotlin DSL settings allowed usage of an unencrypted connection for resolving artifacts. network low complexity jetbrains CWE-287	5.3
2019-07-03	CVE-2019-12844	Code Injection vulnerability in Jetbrains Teamcity A possible stored JavaScript injection was detected on one of the JetBrains TeamCity pages. network low complexity jetbrains CWE-94	6.1

Vulnerabilities > Jetbrains {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Jetbrains"}]}

Vulnerabilities > Jetbrains