High

DATE	CVE	VULNERABILITY TITLE	RISK
2021-02-03	CVE-2021-25765	Cross-Site Request Forgery (CSRF) vulnerability in Jetbrains Youtrack In JetBrains YouTrack before 2020.4.4701, CSRF via attachment upload was possible. network low complexity jetbrains CWE-352	8.8
2020-11-16	CVE-2020-25209	Unspecified vulnerability in Jetbrains Youtrack In JetBrains YouTrack before 2020.3.6638, improper access control for some subresources leads to information disclosure via the REST API. network low complexity jetbrains	7.5
2020-10-19	CVE-2020-15822	Server-Side Request Forgery (SSRF) vulnerability in Jetbrains Youtrack In JetBrains YouTrack before 2020.2.10514, SSRF is possible because URL filtering can be escaped. network low complexity jetbrains CWE-918	7.3
2020-08-08	CVE-2020-15823	Server-Side Request Forgery (SSRF) vulnerability in Jetbrains Youtrack JetBrains YouTrack before 2020.2.8873 is vulnerable to SSRF in the Workflow component. network low complexity jetbrains CWE-918	7.5
2020-08-08	CVE-2020-15817	Unspecified vulnerability in Jetbrains Youtrack In JetBrains YouTrack before 2020.1.1331, an external user could execute commands against arbitrary issues. network low complexity jetbrains	8.8
2020-04-22	CVE-2020-11693	Unspecified vulnerability in Jetbrains Youtrack JetBrains YouTrack before 2020.1.659 was vulnerable to DoS that could be caused by attaching a malformed TIFF file to an issue. network low complexity jetbrains	7.5
2019-10-02	CVE-2019-15040	Cross-Site Request Forgery (CSRF) vulnerability in Jetbrains Youtrack JetBrains YouTrack versions before 2019.1 had a CSRF vulnerability on the settings page. network low complexity jetbrains CWE-352	8.8
2019-07-03	CVE-2019-12851	Cross-Site Request Forgery (CSRF) vulnerability in Jetbrains Youtrack A CSRF vulnerability was detected in one of the admin endpoints of JetBrains YouTrack. network low complexity jetbrains CWE-352	8.8