CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2020-15822
https://notcve.org/view.php?id=CVE-2020-15822
In JetBrains YouTrack before 2020.2.10514, SSRF is possible because URL filtering can be escaped. En JetBrains YouTrack versiones anteriores a 2020.2.10514, un ataque de tipo SSRF es posible porque un filtrado de URL puede ser escapado • https://blog.jetbrains.com https://blog.jetbrains.com/blog/2020/08/06/jetbrains-security-bulletin-q2-2020 • CWE-918: Server-Side Request Forgery (SSRF) •
CVSS: 6.5EPSS: 0%CPEs: 6EXPL: 0CVE-2020-24618
https://notcve.org/view.php?id=CVE-2020-24618
In JetBrains YouTrack versions before 2020.3.4313, 2020.2.11008, 2020.1.11011, 2019.1.65514, 2019.2.65515, and 2019.3.65516, an attacker can retrieve an issue description without appropriate access. En las versiones de JetBrains YouTrack versiones anteriores a 2020.3.4313, 2020.2.11008, 2020.1.11011, 2019.1.65514, 2019.2.65515 y 2019.3.65516, un atacante puede recuperar una descripción de problema sin el acceso apropiado • https://blog.jetbrains.com https://blog.jetbrains.com/2020/11/16/jetbrains-security-bulletin-q3-2020 https://youtrack.jetbrains.com/issue/JT-59265 •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2019-19704
https://notcve.org/view.php?id=CVE-2019-19704
In JetBrains Upsource before 2020.1, information disclosure is possible because of an incorrect user matching algorithm. En JetBrains Upsource versiones anteriores a 2020.1, una divulgación de información es posible debido a un algoritmo de coincidencia de usuario incorrecto • https://blog.jetbrains.com https://blog.jetbrains.com/blog/2020/08/06/jetbrains-security-bulletin-q2-2020 •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2020-15830
https://notcve.org/view.php?id=CVE-2020-15830
JetBrains TeamCity before 2019.2.3 is vulnerable to stored XSS in the administration UI. JetBrains TeamCity versiones anteriores a 2019.2.3, es vulnerable a un ataque de tipo XSS almacenado en la Interfaz de Usuario de administración • https://blog.jetbrains.com https://blog.jetbrains.com/blog/2020/08/06/jetbrains-security-bulletin-q2-2020 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2020-15831
https://notcve.org/view.php?id=CVE-2020-15831
JetBrains TeamCity before 2019.2.3 is vulnerable to reflected XSS in the administration UI. JetBrains TeamCity versiones anteriores a 2019.2.3, es vulnerable a un ataque de tipo XSS reflejado en la Interfaz de Usuario de administración • https://blog.jetbrains.com https://blog.jetbrains.com/blog/2020/08/06/jetbrains-security-bulletin-q2-2020 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •