Vulnerabilities > Jetbrains > Youtrack > 2017.4.37933
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-10-01 | CVE-2019-14952 | Cross-site Scripting vulnerability in Jetbrains Youtrack JetBrains YouTrack versions before 2019.1.52584 had a possible XSS in the issue titles. | 4.3 |
| 2019-07-03 | CVE-2019-12852 | Server-Side Request Forgery (SSRF) vulnerability in Jetbrains Youtrack An SSRF attack was possible on a JetBrains YouTrack server. | 7.5 |
| 2019-07-03 | CVE-2019-12867 | Unspecified vulnerability in Jetbrains Youtrack Certain actions could cause privilege escalation for issue attachments in JetBrains YouTrack. | 7.5 |
| 2019-07-03 | CVE-2019-12866 | Authorization Bypass Through User-Controlled Key vulnerability in Jetbrains Youtrack An Insecure Direct Object Reference, with Authorization Bypass through a User-Controlled Key, was possible in JetBrains YouTrack. | 7.5 |
| 2019-07-03 | CVE-2019-12851 | Cross-Site Request Forgery (CSRF) vulnerability in Jetbrains Youtrack A CSRF vulnerability was detected in one of the admin endpoints of JetBrains YouTrack. | 6.8 |
| 2019-07-03 | CVE-2019-12850 | SQL Injection vulnerability in Jetbrains Youtrack A query injection was possible in JetBrains YouTrack. | 7.5 |