Vulnerabilities > Jetbrains > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-07-03 | CVE-2019-12845 | Improper Authentication vulnerability in Jetbrains Teamcity The generated Kotlin DSL settings allowed usage of an unencrypted connection for resolving artifacts. | 5.0 |
| 2019-07-03 | CVE-2019-12844 | Code Injection vulnerability in Jetbrains Teamcity A possible stored JavaScript injection was detected on one of the JetBrains TeamCity pages. | 4.3 |
| 2019-07-03 | CVE-2019-12843 | Code Injection vulnerability in Jetbrains Teamcity A possible stored JavaScript injection requiring a deliberate server administrator action was detected. | 4.3 |
| 2019-07-03 | CVE-2019-12842 | Cross-site Scripting vulnerability in Jetbrains Teamcity A reflected XSS on a user page was detected on one of the JetBrains TeamCity pages. | 4.3 |
| 2019-07-03 | CVE-2019-12841 | Improper Input Validation vulnerability in Jetbrains Teamcity Incorrect handling of user input in ZIP extraction was detected in JetBrains TeamCity. | 5.0 |
| 2019-07-03 | CVE-2019-9873 | Cleartext Storage of Sensitive Information vulnerability in Jetbrains Intellij Idea In several versions of JetBrains IntelliJ IDEA Ultimate, creating Task Servers configurations leads to saving a cleartext unencrypted record of the server credentials in the IDE configuration files. | 5.0 |
| 2019-07-03 | CVE-2019-9872 | Cleartext Storage of Sensitive Information vulnerability in Jetbrains Intellij Idea In several versions of JetBrains IntelliJ IDEA Ultimate, creating run configurations for cloud application servers leads to saving a cleartext unencrypted record of the server credentials in the IDE configuration files. | 4.3 |
| 2019-07-03 | CVE-2019-9823 | Cleartext Storage of Sensitive Information vulnerability in Jetbrains Intellij Idea In several JetBrains IntelliJ IDEA versions, creating remote run configurations of JavaEE application servers leads to saving a cleartext record of the server credentials in the IDE configuration files. | 5.0 |
| 2019-07-03 | CVE-2019-12851 | Cross-Site Request Forgery (CSRF) vulnerability in Jetbrains Youtrack A CSRF vulnerability was detected in one of the admin endpoints of JetBrains YouTrack. | 6.8 |
| 2019-07-03 | CVE-2019-12847 | Insufficiently Protected Credentials vulnerability in Jetbrains HUB In JetBrains Hub versions earlier than 2018.4.11298, the audit events for SMTPSettings show a cleartext password to the admin user. | 4.0 |