Vulnerabilities > Jetbrains > Youtrack > Medium

DATE CVE VULNERABILITY TITLE RISK
2021-08-06 CVE-2021-37553 Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) vulnerability in Jetbrains Youtrack
In JetBrains YouTrack before 2021.2.16363, an insecure PRNG was used.
network
low complexity
jetbrains CWE-338
5.0
2021-08-06 CVE-2021-37554 Information Exposure vulnerability in Jetbrains Youtrack
In JetBrains YouTrack before 2021.3.21051, a user could see boards without having corresponding permissions.
network
low complexity
jetbrains CWE-200
4.0
2021-05-11 CVE-2021-31902 Incorrect Permission Assignment for Critical Resource vulnerability in Jetbrains Youtrack
In JetBrains YouTrack before 2020.6.6600, access control during the exporting of issues was implemented improperly.
network
low complexity
jetbrains CWE-732
5.0
2021-05-11 CVE-2021-31903 Cross-site Scripting vulnerability in Jetbrains Youtrack
In JetBrains YouTrack before 2021.1.9819, a pull request's title was sanitized insufficiently, leading to XSS.
network
jetbrains CWE-79
4.3
2021-05-11 CVE-2021-31905 Information Exposure vulnerability in Jetbrains Youtrack
In JetBrains YouTrack before 2020.6.8801, information disclosure in an issue preview was possible.
network
low complexity
jetbrains CWE-200
5.0
2021-02-03 CVE-2021-25771 Information Exposure vulnerability in Jetbrains Youtrack
In JetBrains YouTrack before 2020.6.1099, project information could be potentially disclosed.
network
low complexity
jetbrains CWE-200
5.0
2021-02-03 CVE-2021-25769 Unspecified vulnerability in Jetbrains Youtrack
In JetBrains YouTrack before 2020.4.6808, the YouTrack administrator wasn't able to access attachments.
network
low complexity
jetbrains
5.0
2021-02-03 CVE-2021-25768 Unspecified vulnerability in Jetbrains Youtrack
In JetBrains YouTrack before 2020.4.4701, permissions for attachments actions were checked improperly.
network
low complexity
jetbrains
5.0
2021-02-03 CVE-2021-25767 Information Exposure vulnerability in Jetbrains Youtrack
In JetBrains YouTrack before 2020.6.1767, an issue's existence could be disclosed via YouTrack command execution.
network
low complexity
jetbrains CWE-200
5.0
2021-02-03 CVE-2021-25766 Unspecified vulnerability in Jetbrains Youtrack
In JetBrains YouTrack before 2020.4.4701, improper resource access checks were made.
network
low complexity
jetbrains
5.0