Page 5 of 432 results (0.006 seconds)

CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0

In JetBrains YouTrack before 2024.3.44799 access to global app config data without appropriate permissions was possible • https://www.jetbrains.com/privacy-security/issues-fixed • CWE-863: Incorrect Authorization •

CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0

In JetBrains YouTrack before 2024.3.44799 user without appropriate permissions could restore workflows attached to a project • https://www.jetbrains.com/privacy-security/issues-fixed • CWE-863: Incorrect Authorization •

CVSS: 3.3EPSS: 0%CPEs: 1EXPL: 0

In JetBrains IntelliJ IDEA before 2024.1 hTML injection via the project name was possible En JetBrains IntelliJ IDEA antes de 2024.1 era posible la inyección de HTML a través del nombre del proyecto • https://www.jetbrains.com/privacy-security/issues-fixed • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 4.6EPSS: 0%CPEs: 1EXPL: 0

In JetBrains TeamCity before 2024.07.1 reflected XSS was possible in the AWS Core plugin • https://www.jetbrains.com/privacy-security/issues-fixed • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 3.5EPSS: 0%CPEs: 1EXPL: 0

In JetBrains TeamCity before 2024.07.1 reflected XSS was possible on the agentPushPreset page • https://www.jetbrains.com/privacy-security/issues-fixed • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •