Vulnerabilities > Jetbrains > Youtrack > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-02-03 | CVE-2021-25765 | Cross-Site Request Forgery (CSRF) vulnerability in Jetbrains Youtrack In JetBrains YouTrack before 2020.4.4701, CSRF via attachment upload was possible. | 8.8 |
2020-11-16 | CVE-2020-25209 | Unspecified vulnerability in Jetbrains Youtrack In JetBrains YouTrack before 2020.3.6638, improper access control for some subresources leads to information disclosure via the REST API. | 7.5 |
2020-10-19 | CVE-2020-15822 | Server-Side Request Forgery (SSRF) vulnerability in Jetbrains Youtrack In JetBrains YouTrack before 2020.2.10514, SSRF is possible because URL filtering can be escaped. | 7.3 |
2020-08-08 | CVE-2020-15823 | Server-Side Request Forgery (SSRF) vulnerability in Jetbrains Youtrack JetBrains YouTrack before 2020.2.8873 is vulnerable to SSRF in the Workflow component. | 7.5 |
2020-08-08 | CVE-2020-15817 | Unspecified vulnerability in Jetbrains Youtrack In JetBrains YouTrack before 2020.1.1331, an external user could execute commands against arbitrary issues. | 8.8 |
2020-04-22 | CVE-2020-11693 | Unspecified vulnerability in Jetbrains Youtrack JetBrains YouTrack before 2020.1.659 was vulnerable to DoS that could be caused by attaching a malformed TIFF file to an issue. | 7.5 |
2019-10-02 | CVE-2019-15040 | Cross-Site Request Forgery (CSRF) vulnerability in Jetbrains Youtrack JetBrains YouTrack versions before 2019.1 had a CSRF vulnerability on the settings page. | 8.8 |
2019-07-03 | CVE-2019-12851 | Cross-Site Request Forgery (CSRF) vulnerability in Jetbrains Youtrack A CSRF vulnerability was detected in one of the admin endpoints of JetBrains YouTrack. | 8.8 |