Page 40 of 431 results (0.005 seconds)

CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 0

JetBrains YouTrack before 2021.4.36872 was vulnerable to stored XSS via a project icon. JetBrains YouTrack versiones anteriores a 2021.4.36872 era vulnerable a un ataque de tipo XSS almacenado por medio de un icono de proyecto. • https://blog.jetbrains.com https://blog.jetbrains.com/blog/2022/02/08/jetbrains-security-bulletin-q4-2021 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

In JetBrains IntelliJ IDEA before 2021.3.1, local code execution via RLO (Right-to-Left Override) characters was possible. En JetBrains IntelliJ IDEA versiones anteriores a 2021.3.1, era posible una ejecución de código local por medio de caracteres RLO (Right-to-Left Override). • https://blog.jetbrains.com https://blog.jetbrains.com/blog/2022/02/08/jetbrains-security-bulletin-q4-2021 •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

In JetBrains IntelliJ IDEA before 2021.2.4, local code execution (without permission from a user) upon opening a project was possible. En JetBrains IntelliJ IDEA versiones anteriores a 2021.2.4, era posible una ejecución de código local (sin permiso de un usuario) al abrir un proyecto. • https://blog.jetbrains.com https://blog.jetbrains.com/blog/2022/02/08/jetbrains-security-bulletin-q4-2021 •

CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 0

JetBrains YouTrack before 2021.4.31698 was vulnerable to stored XSS on the Notification templates page. En JetBrains YouTrack versiones anteriores a 2021.4.31698 era vulnerable a un ataque de tipo XSS almacenado en la página de plantillas de notificaciones. • https://blog.jetbrains.com https://blog.jetbrains.com/blog/2022/02/08/jetbrains-security-bulletin-q4-2021 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0

In JetBrains YouTrack before 2021.4.31698, a custom logo could be set by a user who has read-only permissions. En JetBrains YouTrack versiones anteriores a 2021.4.31698, un usuario con permisos de sólo lectura podía establecer un logotipo personalizado. • https://blog.jetbrains.com https://blog.jetbrains.com/blog/2022/02/08/jetbrains-security-bulletin-q4-2021 • CWE-276: Incorrect Default Permissions •