Page 8 of 431 results (0.003 seconds)

CVSS: 3.5EPSS: 0%CPEs: 1EXPL: 0

In JetBrains Hub before 2024.2.34646 stored XSS via project description was possible En JetBrains Hub antes de 2024.2.34646 era posible XSS Almacenado a través de la descripción del proyecto • https://www.jetbrains.com/privacy-security/issues-fixed • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.3EPSS: 0%CPEs: 1EXPL: 0

In JetBrains YouTrack before 2024.2.34646 user without appropriate permissions could enable the auto-attach option for workflows En JetBrains YouTrack anterior a 2024.2.34646, el usuario sin los permisos adecuados podía habilitar la opción de conexión automática para flujos de trabajo • https://www.jetbrains.com/privacy-security/issues-fixed • CWE-862: Missing Authorization •

CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0

In JetBrains YouTrack before 2024.2.34646 user access token was sent to the third-party site En JetBrains YouTrack antes de 2024.2.34646 se enviaba el token de acceso del usuario al sitio de terceros • https://www.jetbrains.com/privacy-security/issues-fixed • CWE-522: Insufficiently Protected Credentials •

CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0

In JetBrains YouTrack before 2024.2.34646 the Guest User Account was enabled for attaching files to articles En JetBrains YouTrack antes de 2024.2.34646, la cuenta de usuario invitado estaba habilitada para adjuntar archivos a artículos • https://www.jetbrains.com/privacy-security/issues-fixed • CWE-862: Missing Authorization •

CVSS: 9.3EPSS: 0%CPEs: 44EXPL: 2

GitHub access token could be exposed to third-party sites in JetBrains IDEs after version 2023.1 and less than: IntelliJ IDEA 2023.1.7, 2023.2.7, 2023.3.7, 2024.1.3, 2024.2 EAP3; Aqua 2024.1.2; CLion 2023.1.7, 2023.2.4, 2023.3.5, 2024.1.3, 2024.2 EAP2; DataGrip 2023.1.3, 2023.2.4, 2023.3.5, 2024.1.4; DataSpell 2023.1.6, 2023.2.7, 2023.3.6, 2024.1.2, 2024.2 EAP1; GoLand 2023.1.6, 2023.2.7, 2023.3.7, 2024.1.3, 2024.2 EAP3; MPS 2023.2.1, 2023.3.1, 2024.1 EAP2; PhpStorm 2023.1.6, 2023.2.6, 2023.3.7, 2024.1.3, 2024.2 EAP3; PyCharm 2023.1.6, 2023.2.7, 2023.3.6, 2024.1.3, 2024.2 EAP2; Rider 2023.1.7, 2023.2.5, 2023.3.6, 2024.1.3; RubyMine 2023.1.7, 2023.2.7, 2023.3.7, 2024.1.3, 2024.2 EAP4; RustRover 2024.1.1; WebStorm 2023.1.6, 2023.2.7, 2023.3.7, 2024.1.4 El token de acceso de GitHub podría estar expuesto a sitios de terceros en los IDE de JetBrains posteriores a la versión 2023.1 y anteriores a: IntelliJ IDEA 2023.1.7, 2023.2.7, 2023.3.7, 2024.1.3, 2024.2 EAP3; Aqua 2024.1.2; CLion 2023.1.7, 2023.2.4, 2023.3.5, 2024.1.3, 2024.2 EAP2; DataGrip 2023.1.3, 2023.2.4, 2023.3.5, 2024.1.4; DataSpell 2023.1.6, 2023.2.7, 2023.3.6, 2024.1.2, 2024.2 EAP1; GoLand 2023.1.6, 2023.2.7, 2023.3.7, 2024.1.3, 2024.2 EAP3; MPS 2023.2.1, 2023.3.1, 2024.1 EAP2; PhpStorm 2023.1.6, 2023.2.6, 2023.3.7, 2024.1.3, 2024.2 EAP3; PyCharm 2023.1.6, 2023.2.7, 2023.3.6, 2024.1.3, 2024.2 EAP2; Rider 2023.1.7, 2023.2.5, 2023.3.6, 2024.1.3; RubyMine 2023.1.7, 2023.2.7, 2023.3.7, 2024.1.3, 2024.2 EAP4; RustRover 2024.1.1; WebStorm 2023.1.6, 2023.2.7, 2023.3.7, 2024.1.4 • https://github.com/LeadroyaL/CVE-2024-37051-EXP https://github.com/mrblackstar26/CVE-2024-37051 https://www.jetbrains.com/privacy-security/issues-fixed https://security.netapp.com/advisory/ntap-20240705-0004 • CWE-522: Insufficiently Protected Credentials •