Page 3 of 432 results (0.002 seconds)

CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0

In JetBrains Hub before 2024.3.47707 improper access control allowed users to generate permanent tokens for unauthorized services • https://www.jetbrains.com/privacy-security/issues-fixed • CWE-862: Missing Authorization •

CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0

In JetBrains Ktor before 3.0.0 improper caching in HttpCache Plugin could lead to response information disclosure • https://www.jetbrains.com/privacy-security/issues-fixed • CWE-524: Use of Cache Containing Sensitive Information •

CVSS: 8.1EPSS: 0%CPEs: 1EXPL: 0

In JetBrains YouTrack before 2024.3.47197 insecure plugin iframe allowed arbitrary JavaScript execution and unauthorized API requests • https://www.jetbrains.com/privacy-security/issues-fixed • CWE-940: Improper Verification of Source of a Communication Channel •

CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 0

In JetBrains YouTrack before 2024.3.46677 improper access control allowed users with project update permission to delete applications via API • https://www.jetbrains.com/privacy-security/issues-fixed • CWE-862: Missing Authorization •

CVSS: 3.5EPSS: 0%CPEs: 1EXPL: 0

In JetBrains TeamCity before 2024.07.3 stored XSS was possible via server global settings • https://www.jetbrains.com/privacy-security/issues-fixed • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •