Vulnerabilities > Jetbrains > Youtrack > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-07-12 | CVE-2023-38068 | Improper Control of Interaction Frequency vulnerability in Jetbrains Youtrack In JetBrains YouTrack before 2023.1.16597 captcha was not properly validated for Helpdesk forms | 7.3 |
2023-06-12 | CVE-2023-35053 | Unspecified vulnerability in Jetbrains Youtrack In JetBrains YouTrack before 2023.1.10518 a DoS attack was possible via Helpdesk forms | 7.5 |
2021-11-09 | CVE-2021-43185 | Injection vulnerability in Jetbrains Youtrack JetBrains YouTrack before 2021.3.23639 is vulnerable to Host header injection. | 7.5 |
2021-02-03 | CVE-2021-25770 | Code Injection vulnerability in Jetbrains Youtrack In JetBrains YouTrack before 2020.5.3123, server-side template injection (SSTI) was possible, which could lead to code execution. | 7.5 |
2020-10-19 | CVE-2020-15822 | Server-Side Request Forgery (SSRF) vulnerability in Jetbrains Youtrack In JetBrains YouTrack before 2020.2.10514, SSRF is possible because URL filtering can be escaped. | 7.5 |
2019-07-03 | CVE-2019-12852 | Server-Side Request Forgery (SSRF) vulnerability in Jetbrains Youtrack An SSRF attack was possible on a JetBrains YouTrack server. | 7.5 |
2019-07-03 | CVE-2019-12867 | Unspecified vulnerability in Jetbrains Youtrack Certain actions could cause privilege escalation for issue attachments in JetBrains YouTrack. | 7.5 |
2019-07-03 | CVE-2019-12866 | Authorization Bypass Through User-Controlled Key vulnerability in Jetbrains Youtrack An Insecure Direct Object Reference, with Authorization Bypass through a User-Controlled Key, was possible in JetBrains YouTrack. | 7.5 |
2019-07-03 | CVE-2019-12850 | SQL Injection vulnerability in Jetbrains Youtrack A query injection was possible in JetBrains YouTrack. | 7.5 |