Vulnerabilities > Jetbrains > Youtrack > Medium

DATE CVE VULNERABILITY TITLE RISK
2021-02-03 CVE-2021-25771 Unspecified vulnerability in Jetbrains Youtrack
In JetBrains YouTrack before 2020.6.1099, project information could be potentially disclosed.
network
low complexity
jetbrains
4.3
4.3
2021-02-03 CVE-2021-25768 Unspecified vulnerability in Jetbrains Youtrack
In JetBrains YouTrack before 2020.4.4701, permissions for attachments actions were checked improperly.
network
low complexity
jetbrains
5.3
5.3
2021-02-03 CVE-2021-25767 Unspecified vulnerability in Jetbrains Youtrack
In JetBrains YouTrack before 2020.6.1767, an issue's existence could be disclosed via YouTrack command execution.
network
low complexity
jetbrains
5.3
5.3
2021-02-03 CVE-2021-25766 Unspecified vulnerability in Jetbrains Youtrack
In JetBrains YouTrack before 2020.4.4701, improper resource access checks were made.
network
low complexity
jetbrains
5.3
5.3
2021-02-03 CVE-2020-25208 Incorrect Default Permissions vulnerability in Jetbrains Youtrack
In JetBrains YouTrack before 2020.4.4701, an attacker could enumerate users via the REST API without appropriate permissions.
network
low complexity
jetbrains CWE-276
5.3
5.3
2020-11-16 CVE-2020-27626 Server-Side Request Forgery (SSRF) vulnerability in Jetbrains Youtrack
JetBrains YouTrack before 2020.3.5333 was vulnerable to SSRF.
network
low complexity
jetbrains CWE-918
5.3
5.3
2020-11-16 CVE-2020-27625 Unspecified vulnerability in Jetbrains Youtrack
In JetBrains YouTrack before 2020.3.888, notifications might have mentioned inaccessible issues.
network
low complexity
jetbrains
5.3
5.3
2020-11-16 CVE-2020-27624 Server-Side Request Forgery (SSRF) vulnerability in Jetbrains Youtrack
JetBrains YouTrack before 2020.3.888 was vulnerable to SSRF.
network
low complexity
jetbrains CWE-918
5.3
5.3
2020-11-16 CVE-2020-25210 Unspecified vulnerability in Jetbrains Youtrack
In JetBrains YouTrack before 2020.3.7955, an attacker could access workflow rules without appropriate access grants.
network
low complexity
jetbrains
5.3
5.3
2020-08-27 CVE-2020-24618 Unspecified vulnerability in Jetbrains Youtrack
In JetBrains YouTrack versions before 2020.3.4313, 2020.2.11008, 2020.1.11011, 2019.1.65514, 2019.2.65515, and 2019.3.65516, an attacker can retrieve an issue description without appropriate access.
network
low complexity
jetbrains
6.5
6.5