CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 0CVE-2024-22370
https://notcve.org/view.php?id=CVE-2024-22370
In JetBrains YouTrack before 2023.3.22666 stored XSS via markdown was possible En JetBrains YouTrack antes de 2023.3.22666 era posible el XSS almacenado mediante markdown • https://www.jetbrains.com/privacy-security/issues-fixed • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2023-50871
https://notcve.org/view.php?id=CVE-2023-50871
In JetBrains YouTrack before 2023.3.22268 authorization check for inline comments inside thread replies was missed En JetBrains YouTrack anterior a 2023.3.22268, se omitía la verificación de autorización para comentarios en línea dentro de las respuestas de los hilos. • https://www.jetbrains.com/privacy-security/issues-fixed • CWE-285: Improper Authorization •
CVSS: 7.3EPSS: 0%CPEs: 1EXPL: 0CVE-2023-38068
https://notcve.org/view.php?id=CVE-2023-38068
In JetBrains YouTrack before 2023.1.16597 captcha was not properly validated for Helpdesk forms • https://www.jetbrains.com/privacy-security/issues-fixed • CWE-799: Improper Control of Interaction Frequency •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 0CVE-2023-35054
https://notcve.org/view.php?id=CVE-2023-35054
In JetBrains YouTrack before 2023.1.10518 stored XSS in a Markdown-rendering engine was possible • https://www.jetbrains.com/privacy-security/issues-fixed • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-35053
https://notcve.org/view.php?id=CVE-2023-35053
In JetBrains YouTrack before 2023.1.10518 a DoS attack was possible via Helpdesk forms • https://www.jetbrains.com/privacy-security/issues-fixed • CWE-400: Uncontrolled Resource Consumption •