• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

youtrack

CVE-2021-37549

February 23, 2023 by

In JetBrains YouTrack before 2021.1.11111, sandboxing in workflows was insufficient.

CVE-2021-25768

February 23, 2023 by

In JetBrains YouTrack before 2020.4.4701, permissions for attachments actions were checked improperly.

CVE-2022-28650

February 23, 2023 by godfreyd94

In JetBrains YouTrack before 2022.1.43700 it was possible to inject JavaScript into Markdown in the YouTrack Classic UI

CVE-2022-28649

February 23, 2023 by godfreyd94

In JetBrains YouTrack before 2022.1.43563 it was possible to include an iframe from a third-party domain in the issue description

CVE-2022-28648

February 23, 2023 by godfreyd94

In JetBrains YouTrack before 2022.1.43563 HTML code from the issue description was being rendered

CVE-2022-24442

February 23, 2023 by godfreyd94

JetBrains YouTrack before 2021.4.40426 was vulnerable to SSTI (Server-Side Template Injection) via FreeMarker templates.

  • « Go to Previous Page
  • Go to page 1
  • Go to page 2
  • Go to page 3
  • Go to page 4
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE