Vulnerabilities > Jetbrains > Low

DATE CVE VULNERABILITY TITLE RISK
2021-05-11 CVE-2021-31908 Cross-site Scripting vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2020.2.3, stored XSS was possible on several pages.
network
jetbrains CWE-79
3.5
3.5
2021-05-11 CVE-2021-27733 Cross-site Scripting vulnerability in Jetbrains Youtrack
In JetBrains YouTrack before 2020.6.6441, stored XSS was possible via an issue attachment.
network
jetbrains CWE-79
3.5
3.5
2021-05-11 CVE-2021-26309 Exposure of Resource to Wrong Sphere vulnerability in Jetbrains Teamcity
Information disclosure in the TeamCity plugin for IntelliJ before 2020.2.2.85899 was possible because a local temporary file had Insecure Permissions.
local
low complexity
jetbrains CWE-668
2.1
2.1
2021-02-03 CVE-2021-25755 Unspecified vulnerability in Jetbrains Code With ME
In JetBrains Code With Me before 2020.3, an attacker on the local network, knowing a session ID, could get access to the encrypted traffic.
local
jetbrains
1.9
1.9
2020-11-16 CVE-2020-24366 Information Exposure vulnerability in Jetbrains Youtrack
Sensitive information could be disclosed in the JetBrains YouTrack application before 2020.2.0 for Android via application backups.
local
low complexity
jetbrains CWE-200
2.1
2.1
2020-04-22 CVE-2020-11416 Cross-site Scripting vulnerability in Jetbrains Space 20200422
JetBrains Space through 2020-04-22 allows stored XSS in Chats.
network
jetbrains CWE-79
3.5
3.5
2020-01-30 CVE-2020-7910 Cross-site Scripting vulnerability in Jetbrains Teamcity
JetBrains TeamCity before 2019.2 was vulnerable to a stored XSS attack by a user with the developer role.
network
jetbrains CWE-79
3.5
3.5
2019-12-26 CVE-2019-19389 Injection vulnerability in Jetbrains Ktor
JetBrains Ktor framework before version 1.2.6 was vulnerable to HTTP Response Splitting.
network
jetbrains CWE-74
3.5
3.5