Page 5 of 91 results (0.007 seconds)

CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0

In JetBrains YouTrack before 2024.1.25893 creation comments on behalf of an arbitrary user in HelpDesk was possible En JetBrains YouTrack antes de 2024.1.25893 era posible crear comentarios en nombre de un usuario arbitrario en HelpDesk • https://www.jetbrains.com/privacy-security/issues-fixed • CWE-290: Authentication Bypass by Spoofing •

CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 0

In JetBrains YouTrack before 2023.3.22666 stored XSS via markdown was possible En JetBrains YouTrack antes de 2023.3.22666 era posible el XSS almacenado mediante markdown • https://www.jetbrains.com/privacy-security/issues-fixed • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0

In JetBrains YouTrack before 2023.3.22268 authorization check for inline comments inside thread replies was missed En JetBrains YouTrack anterior a 2023.3.22268, se omitía la verificación de autorización para comentarios en línea dentro de las respuestas de los hilos. • https://www.jetbrains.com/privacy-security/issues-fixed • CWE-285: Improper Authorization •

CVSS: 7.3EPSS: 0%CPEs: 1EXPL: 0

In JetBrains YouTrack before 2023.1.16597 captcha was not properly validated for Helpdesk forms • https://www.jetbrains.com/privacy-security/issues-fixed • CWE-799: Improper Control of Interaction Frequency •

CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 0

In JetBrains YouTrack before 2023.1.10518 stored XSS in a Markdown-rendering engine was possible • https://www.jetbrains.com/privacy-security/issues-fixed • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •