91 results (0.002 seconds)

CVSS: 4.6EPSS: 0%CPEs: 1EXPL: 0

In JetBrains YouTrack before 2024.3.47707 stored XSS was possible due to improper HTML sanitization in markdown elements • https://www.jetbrains.com/privacy-security/issues-fixed • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 4.6EPSS: 0%CPEs: 1EXPL: 0

In JetBrains YouTrack before 2024.3.47707 improper HTML sanitization could lead to XSS attack via comment tag • https://www.jetbrains.com/privacy-security/issues-fixed • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 4.6EPSS: 0%CPEs: 1EXPL: 0

In JetBrains YouTrack before 2024.3.47707 multiple XSS were possible due to insecure markdown parsing and custom rendering rule • https://www.jetbrains.com/privacy-security/issues-fixed • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 4.6EPSS: 0%CPEs: 1EXPL: 0

In JetBrains YouTrack before 2024.3.47707 reflected XSS due to insecure link sanitization was possible • https://www.jetbrains.com/privacy-security/issues-fixed • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 4.6EPSS: 0%CPEs: 1EXPL: 0

In JetBrains YouTrack before 2024.3.47707 stored XSS was possible via sprint value on agile boards page • https://www.jetbrains.com/privacy-security/issues-fixed • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •