CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2022-24343
https://notcve.org/view.php?id=CVE-2022-24343
25 Feb 2022 — In JetBrains YouTrack before 2021.4.31698, a custom logo could be set by a user who has read-only permissions. En JetBrains YouTrack versiones anteriores a 2021.4.31698, un usuario con permisos de sólo lectura podía establecer un logotipo personalizado. • https://blog.jetbrains.com • CWE-276: Incorrect Default Permissions •
CVSS: 5.3EPSS: 0%CPEs: 2EXPL: 0CVE-2021-43187
https://notcve.org/view.php?id=CVE-2021-43187
09 Nov 2021 — In JetBrains YouTrack Mobile before 2021.2, the client-side cache on iOS could contain sensitive information. En JetBrains YouTrack Mobile versiones anteriores a 2021.2, la caché del lado del cliente en iOS podría contener información confidencial • https://blog.jetbrains.com/blog/2021/11/08/jetbrains-security-bulletin-q3-2021 •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2021-43188
https://notcve.org/view.php?id=CVE-2021-43188
09 Nov 2021 — In JetBrains YouTrack Mobile before 2021.2, access token protection on iOS is incomplete. En JetBrains YouTrack Mobile versiones anteriores a 2021.2, la protección del token de acceso en iOS es incompleta • https://blog.jetbrains.com/blog/2021/11/08/jetbrains-security-bulletin-q3-2021 •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2021-43189
https://notcve.org/view.php?id=CVE-2021-43189
09 Nov 2021 — In JetBrains YouTrack Mobile before 2021.2, access token protection on Android is incomplete. En JetBrains YouTrack Mobile versiones anteriores a 2021.2, la protección del token de acceso en Android es incompleta • https://blog.jetbrains.com/blog/2021/11/08/jetbrains-security-bulletin-q3-2021 •
CVSS: 5.3EPSS: 0%CPEs: 2EXPL: 0CVE-2021-43190
https://notcve.org/view.php?id=CVE-2021-43190
09 Nov 2021 — In JetBrains YouTrack Mobile before 2021.2, task hijacking on Android is possible. En JetBrains YouTrack Mobile versiones anteriores a 2021.2, es posible el secuestro de tareas en Android • https://blog.jetbrains.com/blog/2021/11/08/jetbrains-security-bulletin-q3-2021 •
CVSS: 5.3EPSS: 0%CPEs: 2EXPL: 0CVE-2021-43192
https://notcve.org/view.php?id=CVE-2021-43192
09 Nov 2021 — In JetBrains YouTrack Mobile before 2021.2, iOS URL scheme hijacking is possible. En JetBrains YouTrack Mobile versiones anteriores a 2021.2, es posible un secuestro del esquema de URL de iOS • https://blog.jetbrains.com/blog/2021/11/08/jetbrains-security-bulletin-q3-2021 •
CVSS: 5.3EPSS: 0%CPEs: 3EXPL: 0CVE-2021-43191
https://notcve.org/view.php?id=CVE-2021-43191
09 Nov 2021 — JetBrains YouTrack Mobile before 2021.2, is missing the security screen on Android and iOS. En JetBrains YouTrack Mobile versiones anteriores a 2021.2, falta la pantalla de seguridad en Android e iOS • https://blog.jetbrains.com/blog/2021/11/08/jetbrains-security-bulletin-q3-2021 •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 0CVE-2021-43184
https://notcve.org/view.php?id=CVE-2021-43184
09 Nov 2021 — In JetBrains YouTrack before 2021.3.21051, stored XSS is possible. En JetBrains YouTrack versiones anteriores a 2021.3.21051, un ataque de tipo XSS almacenado es posible • https://blog.jetbrains.com/blog/2021/11/08/jetbrains-security-bulletin-q3-2021 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2021-43185
https://notcve.org/view.php?id=CVE-2021-43185
09 Nov 2021 — JetBrains YouTrack before 2021.3.23639 is vulnerable to Host header injection. JetBrains YouTrack versiones anteriores a 2021.3.23639, es vulnerable a una inyección de encabezados de Host • https://blog.jetbrains.com/blog/2021/11/08/jetbrains-security-bulletin-q3-2021 • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 0CVE-2021-43186
https://notcve.org/view.php?id=CVE-2021-43186
09 Nov 2021 — JetBrains YouTrack before 2021.3.24402 is vulnerable to stored XSS. JetBrains YouTrack versiones anteriores a 2021.3.24402, es vulnerable a un ataque de tipo XSS almacenado • https://blog.jetbrains.com/blog/2021/11/08/jetbrains-security-bulletin-q3-2021 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •