Page 15 of 82 results (0.005 seconds)

CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0

In JetBrains YouTrack before 2019.2.55152, removing tags from the issues list without the corresponding permission was possible. En JetBrains YouTrack versiones anteriores a 2019.2.55152, eliminar etiquetas de la lista de problemas era posible sin el permiso correspondiente. • https://blog.jetbrains.com/blog/2019/10/29/jetbrains-security-bulletin-q3-2019 • CWE-276: Incorrect Default Permissions •

CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0

JetBrains YouTrack before 2019.2.53938 was using incorrect settings, allowing a user without necessary permissions to get other project names. JetBrains YouTrack versiones anteriores a 2019.2.53938, estaba usando configuraciones incorrectas, permitiendo a un usuario sin los permisos necesarios obtener otros nombres de proyectos. • https://blog.jetbrains.com/blog/2019/09/26/jetbrains-security-bulletin-q2-2019 • CWE-281: Improper Preservation of Permissions •

CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0

JetBrains YouTrack versions before 2019.1 had a CSRF vulnerability on the settings page. JetBrains YouTrack versiones anteriores a 2019.1, presentaban una vulnerabilidad de tipo CSRF en la página de configuración. • https://blog.jetbrains.com/blog/2019/09/26/jetbrains-security-bulletin-q2-2019 • CWE-352: Cross-Site Request Forgery (CSRF) •

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0

In JetBrains YouTrack through 2019.2.56594, stored XSS was found on the issue page. En JetBrains YouTrack versiones hasta 2019.2.56594, se encontró una vulnerabilidad de tipo XSS almacenado en la página del asunto. • https://blog.jetbrains.com/blog/2019/09/26/jetbrains-security-bulletin-q2-2019 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0

JetBrains YouTrack versions before 2019.1.52545 allowed unbounded URL whitelisting because of Inclusion of Functionality from an Untrusted Control Sphere. JetBrains YouTrack versiones anteriores a 2019.1.52545, permitieron una lista blanca de la URL sin límites debido a la Inclusión de la Funcionalidad de una Esfera de Control no Confiable. • https://blog.jetbrains.com/blog/2019/09/26/jetbrains-security-bulletin-q2-2019 • CWE-601: URL Redirection to Untrusted Site ('Open Redirect') •