Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Jetbrains Subscribe
Filtered by product Youtrack
Total 66 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2019-15040 1 Jetbrains 1 Youtrack 2024-02-28 6.8 MEDIUM 8.8 HIGH
JetBrains YouTrack versions before 2019.1 had a CSRF vulnerability on the settings page.
CVE-2019-12867 1 Jetbrains 1 Youtrack 2024-02-28 7.5 HIGH 9.8 CRITICAL
Certain actions could cause privilege escalation for issue attachments in JetBrains YouTrack. The issue was fixed in 2018.4.49168.
CVE-2019-12851 1 Jetbrains 1 Youtrack 2024-02-28 6.8 MEDIUM 8.8 HIGH
A CSRF vulnerability was detected in one of the admin endpoints of JetBrains YouTrack. The issue was fixed in YouTrack 2018.4.49852.
CVE-2019-12852 1 Jetbrains 1 Youtrack 2024-02-28 7.5 HIGH 9.8 CRITICAL
An SSRF attack was possible on a JetBrains YouTrack server. The issue (1 of 2) was fixed in JetBrains YouTrack 2018.4.49168.
CVE-2019-12850 1 Jetbrains 1 Youtrack 2024-02-28 7.5 HIGH 9.8 CRITICAL
A query injection was possible in JetBrains YouTrack. The issue was fixed in YouTrack 2018.4.49168.
CVE-2019-12866 1 Jetbrains 1 Youtrack 2024-02-28 7.5 HIGH 9.8 CRITICAL
An Insecure Direct Object Reference, with Authorization Bypass through a User-Controlled Key, was possible in JetBrains YouTrack. The issue was fixed in 2018.4.49168.