CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2020-15823
https://notcve.org/view.php?id=CVE-2020-15823
08 Aug 2020 — JetBrains YouTrack before 2020.2.8873 is vulnerable to SSRF in the Workflow component. JetBrains YouTrack versiones anteriores a 2020.2.8873, es vulnerable a un ataque de tipo SSRF en el componente Workflow • https://blog.jetbrains.com • CWE-918: Server-Side Request Forgery (SSRF) •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2020-15821
https://notcve.org/view.php?id=CVE-2020-15821
08 Aug 2020 — In JetBrains YouTrack before 2020.2.6881, a user without permission is able to create an article draft. En JetBrains YouTrack versiones anteriores a 2020.2.6881, un usuario sin permiso puede crear un borrador de artículo • https://blog.jetbrains.com • CWE-276: Incorrect Default Permissions •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2020-15820
https://notcve.org/view.php?id=CVE-2020-15820
08 Aug 2020 — In JetBrains YouTrack before 2020.2.6881, the markdown parser could disclose hidden file existence. En JetBrains YouTrack versiones anteriores a 2020.2.6881, el analizador de rebajas podía divulgar la presencia de archivos ocultos • https://blog.jetbrains.com •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2020-15819
https://notcve.org/view.php?id=CVE-2020-15819
08 Aug 2020 — JetBrains YouTrack before 2020.2.10643 was vulnerable to SSRF that allowed scanning internal ports. JetBrains YouTrack versiones anteriores a 2020.2.10643, era vulnerable a un ataque de tipo SSRF que permitía escanear puertos internos • https://blog.jetbrains.com • CWE-918: Server-Side Request Forgery (SSRF) •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2020-15817
https://notcve.org/view.php?id=CVE-2020-15817
08 Aug 2020 — In JetBrains YouTrack before 2020.1.1331, an external user could execute commands against arbitrary issues. En JetBrains YouTrack versiones anteriores a 2020.1.1331, un usuario externo podía ejecutar comandos frente a problemas arbitrarios • https://blog.jetbrains.com •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2020-15818
https://notcve.org/view.php?id=CVE-2020-15818
08 Aug 2020 — In JetBrains YouTrack before 2020.2.8527, the subtasks workflow could disclose issue existence. En JetBrains YouTrack versiones anteriores a 2020.2.8527, el flujo de trabajo de las subtareas podría revelar la existencia de un problema • https://blog.jetbrains.com •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2020-11693
https://notcve.org/view.php?id=CVE-2020-11693
22 Apr 2020 — JetBrains YouTrack before 2020.1.659 was vulnerable to DoS that could be caused by attaching a malformed TIFF file to an issue. JetBrains YouTrack versiones anteriores a la versión 2020.1.659, era vulnerable a una DoS que podría ser causado al adjuntar un archivo TIFF malformado a un problema. • https://blog.jetbrains.com/blog/2020/04/22/jetbrains-security-bulletin-q1-2020 •
CVSS: 4.0EPSS: 0%CPEs: 1EXPL: 0CVE-2020-11692
https://notcve.org/view.php?id=CVE-2020-11692
22 Apr 2020 — In JetBrains YouTrack before 2020.1.659, DB export was accessible to read-only administrators. En JetBrains YouTrack versiones anteriores a la versión 2020.1.659, una exportación de DB era accesible a unos administradores de solo lectura. • https://blog.jetbrains.com/blog/2020/04/22/jetbrains-security-bulletin-q1-2020 • CWE-276: Incorrect Default Permissions •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2020-7913
https://notcve.org/view.php?id=CVE-2020-7913
30 Jan 2020 — JetBrains YouTrack 2019.2 before 2019.2.59309 was vulnerable to XSS via an issue description. JetBrains YouTrack versiones 2019.2 anteriores a 2019.2.59309, era vulnerable a un ataque de tipo XSS por medio de una descripción de problema. • https://blog.jetbrains.com • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2020-7912
https://notcve.org/view.php?id=CVE-2020-7912
30 Jan 2020 — In JetBrains YouTrack before 2019.2.59309, SMTP/Jabber settings could be accessed using backups. En JetBrains YouTrack versiones anteriores a 2019.2.59309, la configuración SMTP/Jabber podría ser accedida usando copias de seguridad. • https://blog.jetbrains.com • CWE-668: Exposure of Resource to Wrong Sphere •