Vulnerabilities > Jetbrains > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-04-22 | CVE-2020-11416 | Cross-site Scripting vulnerability in Jetbrains Space JetBrains Space through 2020-04-22 allows stored XSS in Chats. | 5.4 |
2020-01-30 | CVE-2020-7913 | Cross-site Scripting vulnerability in Jetbrains Youtrack JetBrains YouTrack 2019.2 before 2019.2.59309 was vulnerable to XSS via an issue description. | 6.1 |
2020-01-30 | CVE-2020-7912 | Exposure of Resource to Wrong Sphere vulnerability in Jetbrains Youtrack In JetBrains YouTrack before 2019.2.59309, SMTP/Jabber settings could be accessed using backups. | 5.3 |
2020-01-30 | CVE-2020-7911 | Cross-site Scripting vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2019.2, several user-level pages were vulnerable to XSS. | 6.1 |
2020-01-30 | CVE-2020-7910 | Cross-site Scripting vulnerability in Jetbrains Teamcity JetBrains TeamCity before 2019.2 was vulnerable to a stored XSS attack by a user with the developer role. | 5.4 |
2020-01-30 | CVE-2020-7908 | Improper Privilege Management vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2019.1.5, reverse tabnabbing was possible on several pages. | 4.3 |
2019-12-26 | CVE-2019-19389 | Injection vulnerability in Jetbrains Ktor JetBrains Ktor framework before version 1.2.6 was vulnerable to HTTP Response Splitting. | 5.4 |
2019-12-10 | CVE-2019-19703 | Open Redirect vulnerability in Jetbrains Ktor In Ktor through 1.2.6, the client resends data from the HTTP Authorization header to a redirect location. | 6.1 |
2019-10-31 | CVE-2019-18369 | Incorrect Default Permissions vulnerability in Jetbrains Youtrack In JetBrains YouTrack before 2019.2.55152, removing tags from the issues list without the corresponding permission was possible. | 5.3 |
2019-10-31 | CVE-2019-18367 | Incorrect Default Permissions vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2019.1.2, a non-destructive operation could be performed by a user without the corresponding permissions. | 5.3 |