In JetBrains Hub before 2020.1.12629, an authenticated user can delete 2FA settings of any other user.
NVD-CWE-noinfo
CVE-2021-25760
In JetBrains Hub before 2020.1.12669, information disclosure via the public API was possible.
CVE-2021-25764
In JetBrains PhpStorm before 2020.3, source code could be added to debug logs.
CVE-2021-25766
In JetBrains YouTrack before 2020.4.4701, improper resource access checks were made.
CVE-2021-25767
In JetBrains YouTrack before 2020.6.1767, an issue’s existence could be disclosed via YouTrack command execution.
CVE-2021-25769
In JetBrains YouTrack before 2020.4.6808, the YouTrack administrator wasn’t able to access attachments.
