Vulnerabilities > Jetbrains > Medium

DATE CVE VULNERABILITY TITLE RISK
2020-08-27 CVE-2020-24618 Unspecified vulnerability in Jetbrains Youtrack
In JetBrains YouTrack versions before 2020.3.4313, 2020.2.11008, 2020.1.11011, 2019.1.65514, 2019.2.65515, and 2019.3.65516, an attacker can retrieve an issue description without appropriate access.
network
low complexity
jetbrains
6.5
6.5
2020-08-08 CVE-2020-15831 Cross-site Scripting vulnerability in Jetbrains Teamcity
JetBrains TeamCity before 2019.2.3 is vulnerable to reflected XSS in the administration UI.
network
low complexity
jetbrains CWE-79
6.1
6.1
2020-08-08 CVE-2020-15830 Cross-site Scripting vulnerability in Jetbrains Teamcity
JetBrains TeamCity before 2019.2.3 is vulnerable to stored XSS in the administration UI.
network
low complexity
jetbrains CWE-79
6.1
6.1
2020-08-08 CVE-2020-15829 Information Exposure Through Log Files vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2019.2.3, password parameters could be disclosed via build logs.
network
low complexity
jetbrains CWE-532
5.3
5.3
2020-08-08 CVE-2020-15828 Unspecified vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2020.1.1, project parameter values can be retrieved by a user without appropriate permissions.
network
low complexity
jetbrains
6.5
6.5
2020-08-08 CVE-2020-15826 Improper Privilege Management vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2020.1, users are able to assign more permissions than they have.
network
low complexity
jetbrains CWE-269
4.3
4.3
2020-08-08 CVE-2020-15821 Incorrect Default Permissions vulnerability in Jetbrains Youtrack
In JetBrains YouTrack before 2020.2.6881, a user without permission is able to create an article draft.
network
low complexity
jetbrains CWE-276
6.5
6.5
2020-08-08 CVE-2020-15820 Unspecified vulnerability in Jetbrains Youtrack
In JetBrains YouTrack before 2020.2.6881, the markdown parser could disclose hidden file existence.
network
low complexity
jetbrains
5.3
5.3
2020-08-08 CVE-2020-15819 Server-Side Request Forgery (SSRF) vulnerability in Jetbrains Youtrack
JetBrains YouTrack before 2020.2.10643 was vulnerable to SSRF that allowed scanning internal ports.
network
low complexity
jetbrains CWE-918
5.3
5.3
2020-08-08 CVE-2020-15818 Unspecified vulnerability in Jetbrains Youtrack
In JetBrains YouTrack before 2020.2.8527, the subtasks workflow could disclose issue existence.
network
low complexity
jetbrains
5.3
5.3