Vulnerabilities
Vulnerable Software
In JetBrains YouTrack before 2025.2.86935, 2025.2.87167, 2025.3.87341, 2025.3.87344 improper iframe configuration in widget sandbox allows popups to bypass security restrictions
CVSS Score
6.1
EPSS Score
0.002
Published
2025-07-28
In JetBrains YouTrack before 2025.2.86069, 2024.3.85077, 2025.1.86199 email spoofing via an administrative API was possible
CVSS Score
7.6
EPSS Score
0.003
Published
2025-07-15
In JetBrains YouTrack before 2025.1.76253 deletion of issues was possible due to missing permission checks in API
CVSS Score
7.7
EPSS Score
0.003
Published
2025-05-20
In JetBrains YouTrack before 2025.1.74704 restricted attachments could become visible after issue cloning
CVSS Score
4.3
EPSS Score
0.003
Published
2025-05-20
In JetBrains YouTrack before 2024.3.55417 permanent tokens could be exposed in logs
CVSS Score
5.5
EPSS Score
0.006
Published
2025-01-21
In JetBrains YouTrack before 2024.3.55417 account takeover was possible via spoofed email and Helpdesk integration
CVSS Score
7.1
EPSS Score
0.002
Published
2025-01-21
In JetBrains YouTrack before 2024.3.51866 system takeover was possible through path traversal in plugin sandbox
CVSS Score
8.0
EPSS Score
0.007
Published
2024-12-04
In JetBrains YouTrack before 2024.3.51866 improper access control allowed listing of project names during app import without authentication
CVSS Score
3.7
EPSS Score
0.004
Published
2024-12-04
In JetBrains YouTrack before 2024.3.52635 multiple merge functions were vulnerable to prototype pollution attack
CVSS Score
4.2
EPSS Score
0.003
Published
2024-12-04
In JetBrains YouTrack before 2024.3.52635 potential ReDoS was possible due to vulnerable RegExp in Ruby syntax detector
CVSS Score
4.3
EPSS Score
0.006
Published
2024-12-04


Contact Us

Shodan ® - All rights reserved