Vulnerabilities > Jetbrains > Youtrack > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-02-25 | CVE-2022-24442 | Code Injection vulnerability in Jetbrains Youtrack JetBrains YouTrack before 2021.4.40426 was vulnerable to SSTI (Server-Side Template Injection) via FreeMarker templates. | 9.8 |
| 2021-11-09 | CVE-2021-43185 | Injection vulnerability in Jetbrains Youtrack JetBrains YouTrack before 2021.3.23639 is vulnerable to Host header injection. | 9.8 |
| 2021-08-06 | CVE-2021-37549 | Unspecified vulnerability in Jetbrains Youtrack In JetBrains YouTrack before 2021.1.11111, sandboxing in workflows was insufficient. | 9.1 |
| 2021-02-03 | CVE-2021-25770 | Code Injection vulnerability in Jetbrains Youtrack In JetBrains YouTrack before 2020.5.3123, server-side template injection (SSTI) was possible, which could lead to code execution. | 9.8 |
| 2019-07-03 | CVE-2019-12852 | Server-Side Request Forgery (SSRF) vulnerability in Jetbrains Youtrack An SSRF attack was possible on a JetBrains YouTrack server. | 9.8 |
| 2019-07-03 | CVE-2019-12850 | SQL Injection vulnerability in Jetbrains Youtrack A query injection was possible in JetBrains YouTrack. | 9.8 |
| 2019-07-03 | CVE-2019-12866 | Authorization Bypass Through User-Controlled Key vulnerability in Jetbrains Youtrack An Insecure Direct Object Reference, with Authorization Bypass through a User-Controlled Key, was possible in JetBrains YouTrack. | 9.8 |
| 2019-07-03 | CVE-2019-12867 | Unspecified vulnerability in Jetbrains Youtrack Certain actions could cause privilege escalation for issue attachments in JetBrains YouTrack. | 9.8 |