Vulnerabilities > Jetbrains

DATE	CVE	VULNERABILITY TITLE	RISK
2024-03-07	CVE-2024-28228	Authentication Bypass by Spoofing vulnerability in Jetbrains Youtrack In JetBrains YouTrack before 2024.1.25893 creation comments on behalf of an arbitrary user in HelpDesk was possible network low complexity jetbrains CWE-290	5.3
2024-03-07	CVE-2024-28229	Incorrect Authorization vulnerability in Jetbrains Youtrack In JetBrains YouTrack before 2024.1.25893 user without appropriate permissions could restore issues and articles network low complexity jetbrains CWE-863	6.5
2024-03-07	CVE-2024-28230	Missing Authorization vulnerability in Jetbrains Youtrack In JetBrains YouTrack before 2024.1.25893 attaching/detaching workflow to a project was possible without project admin permissions network low complexity jetbrains CWE-862	6.5
2024-03-06	CVE-2024-28173	Unspecified vulnerability in Jetbrains Teamcity In JetBrains TeamCity between 2023.11 and 2023.11.4 custom build parameters of the "password" type could be disclosed network low complexity jetbrains	4.3
2024-03-06	CVE-2024-28174	Incorrect Authorization vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2023.11.4 presigned URL generation requests in S3 Artifact Storage plugin were authorized improperly network low complexity jetbrains CWE-863	5.8
2024-03-04	CVE-2024-27198	Unspecified vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2023.11.4 authentication bypass allowing to perform admin actions was possible network low complexity jetbrains critical	9.8
2024-03-04	CVE-2024-27199	Path Traversal vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2023.11.4 path traversal allowing to perform limited admin actions was possible network low complexity jetbrains CWE-22	7.3
2024-02-06	CVE-2024-23917	Missing Authentication for Critical Function vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2023.11.3 authentication bypass leading to RCE was possible network low complexity jetbrains CWE-306 critical	9.8
2024-02-06	CVE-2024-24936	Unspecified vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2023.11.2 access control at the S3 Artifact Storage plugin endpoint was missed network low complexity jetbrains	5.3
2024-02-06	CVE-2024-24937	Cross-site Scripting vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2023.11.2 stored XSS via agent distribution was possible network low complexity jetbrains CWE-79	5.4

Vulnerabilities > Jetbrains {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Jetbrains"}]}

Vulnerabilities > Jetbrains