Filtered by vendor Jetbrains Subscriptions
Total 424 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2024-50576 1 Jetbrains 1 Youtrack 2024-10-29 4.6 Medium
In JetBrains YouTrack before 2024.3.47707 stored XSS was possible via vendor URL in App manifest
CVE-2024-50577 1 Jetbrains 1 Youtrack 2024-10-29 4.6 Medium
In JetBrains YouTrack before 2024.3.47707 stored XSS was possible via Angular template injection in Hub settings
CVE-2024-50578 1 Jetbrains 1 Youtrack 2024-10-29 4.6 Medium
In JetBrains YouTrack before 2024.3.47707 stored XSS was possible via sprint value on agile boards page
CVE-2024-50579 1 Jetbrains 1 Youtrack 2024-10-29 4.6 Medium
In JetBrains YouTrack before 2024.3.47707 reflected XSS due to insecure link sanitization was possible
CVE-2024-50580 1 Jetbrains 1 Youtrack 2024-10-29 4.6 Medium
In JetBrains YouTrack before 2024.3.47707 multiple XSS were possible due to insecure markdown parsing and custom rendering rule
CVE-2024-50581 1 Jetbrains 1 Youtrack 2024-10-29 4.6 Medium
In JetBrains YouTrack before 2024.3.47707 improper HTML sanitization could lead to XSS attack via comment tag
CVE-2024-50582 1 Jetbrains 1 Youtrack 2024-10-29 4.6 Medium
In JetBrains YouTrack before 2024.3.47707 stored XSS was possible due to improper HTML sanitization in markdown elements
CVE-2024-50574 1 Jetbrains 1 Youtrack 2024-10-29 5.3 Medium
In JetBrains YouTrack before 2024.3.47707 potential ReDoS exploit was possible via email header parsing in Helpdesk functionality
CVE-2024-50573 1 Jetbrains 1 Hub 2024-10-29 4.3 Medium
In JetBrains Hub before 2024.3.47707 improper access control allowed users to generate permanent tokens for unauthorized services
CVE-2024-48902 1 Jetbrains 1 Youtrack 2024-10-16 5.4 Medium
In JetBrains YouTrack before 2024.3.46677 improper access control allowed users with project update permission to delete applications via API
CVE-2024-47951 1 Jetbrains 1 Teamcity 2024-10-11 3.5 Low
In JetBrains TeamCity before 2024.07.3 stored XSS was possible via server global settings
CVE-2024-47950 1 Jetbrains 1 Teamcity 2024-10-11 3.5 Low
In JetBrains TeamCity before 2024.07.3 stored XSS was possible in Backup configuration settings
CVE-2024-47949 1 Jetbrains 1 Teamcity 2024-10-11 4.9 Medium
In JetBrains TeamCity before 2024.07.3 path traversal allowed backup file write to arbitrary location
CVE-2024-47948 1 Jetbrains 1 Teamcity 2024-10-11 4.9 Medium
In JetBrains TeamCity before 2024.07.3 path traversal leading to information disclosure was possible via server backups
CVE-2024-47161 1 Jetbrains 1 Teamcity 2024-10-11 4.3 Medium
In JetBrains TeamCity before 2024.07.3 password could be exposed via Sonar runner REST API
CVE-2024-47159 1 Jetbrains 1 Youtrack 2024-09-24 4.3 Medium
In JetBrains YouTrack before 2024.3.44799 user without appropriate permissions could restore workflows attached to a project
CVE-2024-47160 1 Jetbrains 1 Youtrack 2024-09-24 4.3 Medium
In JetBrains YouTrack before 2024.3.44799 access to global app config data without appropriate permissions was possible
CVE-2024-47162 1 Jetbrains 1 Youtrack 2024-09-24 4.1 Medium
In JetBrains YouTrack before 2024.3.44799 token could be revealed on Imports page
CVE-2024-46970 1 Jetbrains 1 Intellij Idea 2024-09-20 3.3 Low
In JetBrains IntelliJ IDEA before 2024.1 hTML injection via the project name was possible
CVE-2024-43114 1 Jetbrains 1 Teamcity 2024-09-11 7.5 High
In JetBrains TeamCity before 2024.07.1 possible privilege escalation due to incorrect directory permissions