CVE-2024-22370
https://notcve.org/view.php?id=CVE-2024-22370
In JetBrains YouTrack before 2023.3.22666 stored XSS via markdown was possible • https://www.jetbrains.com/privacy-security/issues-fixed • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2023-50871
https://notcve.org/view.php?id=CVE-2023-50871
In JetBrains YouTrack before 2023.3.22268 authorization check for inline comments inside thread replies was missed • https://www.jetbrains.com/privacy-security/issues-fixed • CWE-285: Improper Authorization •
CVE-2023-38068
https://notcve.org/view.php?id=CVE-2023-38068
In JetBrains YouTrack before 2023.1.16597 captcha was not properly validated for Helpdesk forms • https://www.jetbrains.com/privacy-security/issues-fixed • CWE-799: Improper Control of Interaction Frequency •
CVE-2023-35054
https://notcve.org/view.php?id=CVE-2023-35054
In JetBrains YouTrack before 2023.1.10518 stored XSS in a Markdown-rendering engine was possible • https://www.jetbrains.com/privacy-security/issues-fixed • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2023-35053
https://notcve.org/view.php?id=CVE-2023-35053
In JetBrains YouTrack before 2023.1.10518 a DoS attack was possible via Helpdesk forms • https://www.jetbrains.com/privacy-security/issues-fixed • CWE-400: Uncontrolled Resource Consumption •