Jetbrains: >> Youtrack >> 2022.3.65373 Security Vulnerabilities
In JetBrains YouTrack before 2026.2.16593 improper authorisation in the app configurations endpoint allowed modifying project settings
CVSS Score
5.3
EPSS Score
0.002
Published
2026-06-26
In JetBrains YouTrack before 2026.2.16593 default role configuration exposed excessive user profile details
CVSS Score
4.3
EPSS Score
0.002
Published
2026-06-26
In JetBrains YouTrack before 2026.2.16593 improper access control allowed reading saved queries and tags
CVSS Score
4.3
EPSS Score
0.002
Published
2026-06-26
In JetBrains YouTrack before 2026.2.16593 the websandbox bridge was vulnerable to a prototype pollution attack
CVSS Score
2.6
EPSS Score
0.004
Published
2026-06-26
In JetBrains YouTrack before 2026.2.16593 improper access control allowed reading users' private data via the comment templates endpoint
CVSS Score
4.3
EPSS Score
0.002
Published
2026-06-26
In JetBrains YouTrack before 2026.2.16593 project settings disclosure via the MCP was possible
CVSS Score
3.1
EPSS Score
0.001
Published
2026-06-26
In JetBrains YouTrack before 2026.1.13570 improper access control allowed low-privileged users to modify service accounts
CVSS Score
6.5
EPSS Score
0.002
Published
2026-05-29
In JetBrains YouTrack before 2026.1.13570 improper access control allowed enumeration of restricted issues and articles on Planning Canvas
CVSS Score
6.5
EPSS Score
0.002
Published
2026-05-29
In JetBrains YouTrack before 2026.1.13162 stored XSS in project notification templates was possible
CVSS Score
8.7
EPSS Score
0.002
Published
2026-05-29
In JetBrains YouTrack before 2026.1.13162 information disclosure was possible on Users and Groups pages
CVSS Score
4.3
EPSS Score
0.002
Published
2026-05-29
Page 1