Vulnerabilities > Jetbrains > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-08-06 | CVE-2021-37554 | Information Exposure vulnerability in Jetbrains Youtrack In JetBrains YouTrack before 2021.3.21051, a user could see boards without having corresponding permissions. | 4.0 |
| 2021-05-11 | CVE-2021-30482 | Improper Preservation of Permissions vulnerability in Jetbrains Upsource In JetBrains UpSource before 2020.1.1883, application passwords were not revoked correctly | 5.0 |
| 2021-05-11 | CVE-2021-31910 | Server-Side Request Forgery (SSRF) vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2020.2.3, information disclosure via SSRF was possible. | 5.0 |
| 2021-05-11 | CVE-2021-31911 | Cross-site Scripting vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2020.2.3, reflected XSS was possible on several pages. | 4.3 |
| 2021-05-11 | CVE-2021-31912 | Weak Password Recovery Mechanism for Forgotten Password vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2020.2.3, account takeover was potentially possible during a password reset. | 6.8 |
| 2021-05-11 | CVE-2021-31913 | Improper Validation of Integrity Check Value vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2020.2.3, insufficient checks of the redirect_uri were made during GitHub SSO token exchange. | 5.0 |
| 2021-05-11 | CVE-2021-26310 | Unspecified vulnerability in Jetbrains Teamcity In the TeamCity IntelliJ plugin before 2020.2.2.85899, DoS was possible. | 5.0 |
| 2021-05-11 | CVE-2021-29263 | Unspecified vulnerability in Jetbrains Intellij Idea In JetBrains IntelliJ IDEA 2020.3.3, local code execution was possible because of insufficient checks when getting the project from VCS. | 4.6 |
| 2021-05-11 | CVE-2021-30005 | Insufficient Verification of Data Authenticity vulnerability in Jetbrains Pycharm In JetBrains PyCharm before 2020.3.4, local code execution was possible because of insufficient checks when getting the project from VCS. | 4.6 |
| 2021-05-11 | CVE-2021-30006 | XXE vulnerability in Jetbrains Intellij Idea In IntelliJ IDEA before 2020.3.3, XXE was possible, leading to information disclosure. | 5.0 |