Jetbrains: >> Youtrack Security Vulnerabilities
In JetBrains YouTrack before 2025.3.104432 a race condition allowed bypass of helpdesk Agent limit
CVSS Score
2.7
EPSS Score
0.0
Published
2025-11-11
In JetBrains YouTrack before 2025.3.104432 missing TLS certificate validation enabled data disclosure
CVSS Score
8.1
EPSS Score
0.0
Published
2025-11-10
In JetBrains YouTrack before 2025.3.104432 information disclosure was possible via the feedback form
CVSS Score
4.3
EPSS Score
0.0
Published
2025-11-10
In JetBrains YouTrack before 2025.2.92387 stored XSS was possible via Mermaid diagram content
CVSS Score
8.7
EPSS Score
0.001
Published
2025-08-20
In JetBrains YouTrack before 2025.2.86935,
2025.2.87167,
2025.3.87341,
2025.3.87344 improper iframe configuration in widget sandbox allows popups to bypass security restrictions
CVSS Score
6.1
EPSS Score
0.0
Published
2025-07-28
In JetBrains YouTrack before 2025.2.86069,
2024.3.85077,
2025.1.86199 email spoofing via an administrative API was possible
CVSS Score
7.6
EPSS Score
0.0
Published
2025-07-15
In JetBrains YouTrack before 2025.1.76253 deletion of issues was possible due to missing permission checks in API
CVSS Score
7.7
EPSS Score
0.0
Published
2025-05-20
In JetBrains YouTrack before 2025.1.74704 restricted attachments could become visible after issue cloning
CVSS Score
4.3
EPSS Score
0.0
Published
2025-05-20
In JetBrains YouTrack before 2024.3.55417 permanent tokens could be exposed in logs
CVSS Score
5.5
EPSS Score
0.0
Published
2025-01-21
In JetBrains YouTrack before 2024.3.55417 account takeover was possible via spoofed email and Helpdesk integration
CVSS Score
7.1
EPSS Score
0.0
Published
2025-01-21
Page 1