Vulnerabilities > Jetbrains > Youtrack

DATE CVE VULNERABILITY TITLE RISK
2020-11-16 CVE-2020-27626 Server-Side Request Forgery (SSRF) vulnerability in Jetbrains Youtrack
JetBrains YouTrack before 2020.3.5333 was vulnerable to SSRF.
network
low complexity
jetbrains CWE-918
5.3
5.3
2020-11-16 CVE-2020-27625 Unspecified vulnerability in Jetbrains Youtrack
In JetBrains YouTrack before 2020.3.888, notifications might have mentioned inaccessible issues.
network
low complexity
jetbrains
5.3
5.3
2020-11-16 CVE-2020-27624 Server-Side Request Forgery (SSRF) vulnerability in Jetbrains Youtrack
JetBrains YouTrack before 2020.3.888 was vulnerable to SSRF.
network
low complexity
jetbrains CWE-918
5.3
5.3
2020-11-16 CVE-2020-25210 Unspecified vulnerability in Jetbrains Youtrack
In JetBrains YouTrack before 2020.3.7955, an attacker could access workflow rules without appropriate access grants.
network
low complexity
jetbrains
5.3
5.3
2020-11-16 CVE-2020-25209 Unspecified vulnerability in Jetbrains Youtrack
In JetBrains YouTrack before 2020.3.6638, improper access control for some subresources leads to information disclosure via the REST API.
network
low complexity
jetbrains
7.5
7.5
2020-11-16 CVE-2020-24366 Unspecified vulnerability in Jetbrains Youtrack
Sensitive information could be disclosed in the JetBrains YouTrack application before 2020.2.0 for Android via application backups.
local
low complexity
jetbrains
3.3
3.3
2020-10-19 CVE-2020-15822 Server-Side Request Forgery (SSRF) vulnerability in Jetbrains Youtrack
In JetBrains YouTrack before 2020.2.10514, SSRF is possible because URL filtering can be escaped.
network
low complexity
jetbrains CWE-918
7.3
7.3
2020-08-27 CVE-2020-24618 Unspecified vulnerability in Jetbrains Youtrack
In JetBrains YouTrack versions before 2020.3.4313, 2020.2.11008, 2020.1.11011, 2019.1.65514, 2019.2.65515, and 2019.3.65516, an attacker can retrieve an issue description without appropriate access.
network
low complexity
jetbrains
6.5
6.5
2020-08-08 CVE-2020-15823 Server-Side Request Forgery (SSRF) vulnerability in Jetbrains Youtrack
JetBrains YouTrack before 2020.2.8873 is vulnerable to SSRF in the Workflow component.
network
low complexity
jetbrains CWE-918
7.5
7.5
2020-08-08 CVE-2020-15821 Incorrect Default Permissions vulnerability in Jetbrains Youtrack
In JetBrains YouTrack before 2020.2.6881, a user without permission is able to create an article draft.
network
low complexity
jetbrains CWE-276
6.5
6.5