Vulnerabilities > Jetbrains > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-11-09 | CVE-2021-43192 | Unspecified vulnerability in Jetbrains Youtrack Mobile In JetBrains YouTrack Mobile before 2021.2, iOS URL scheme hijacking is possible. | 5.0 |
2021-11-09 | CVE-2021-43194 | Unspecified vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2021.1.2, user enumeration was possible. | 5.0 |
2021-11-09 | CVE-2021-43195 | Unspecified vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2021.1.2, some HTTP security headers were missing. | 5.0 |
2021-11-09 | CVE-2021-43196 | Unspecified vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2021.1, information disclosure via the Docker Registry connection dialog is possible. | 5.0 |
2021-11-09 | CVE-2021-43197 | Cross-site Scripting vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2021.1.2, email notifications could include unescaped HTML for XSS. | 4.3 |
2021-11-09 | CVE-2021-43199 | Incorrect Default Permissions vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2021.1.2, permission checks in the Create Patch functionality are insufficient. | 5.0 |
2021-11-09 | CVE-2021-43201 | Unspecified vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2021.1.3, a newly created project could take settings from an already deleted project. | 5.0 |
2021-11-09 | CVE-2021-43203 | Improper Authentication vulnerability in Jetbrains Ktor In JetBrains Ktor before 1.6.4, nonce verification during the OAuth2 authentication process is implemented improperly. | 5.0 |
2021-08-06 | CVE-2021-37540 | Unspecified vulnerability in Jetbrains HUB In JetBrains Hub before 2021.1.13262, a potentially insufficient CSP for the Widget deployment feature was used. | 6.5 |
2021-08-06 | CVE-2021-37541 | Weak Password Recovery Mechanism for Forgotten Password vulnerability in Jetbrains HUB In JetBrains Hub before 2021.1.13402, HTML injection in the password reset email was possible. | 4.3 |