Sensitive information could be disclosed in the JetBrains YouTrack application before 2020.2.0 for Android via application backups.

JetBrains YouTrack before 2020.3.888 was vulnerable to SSRF.

Apache Batik is vulnerable to server-side request forgery, caused by improper input validation by the "xlink:href" attributes. By using a specially-crafted argument, an attacker could exploit this vulnerability to cause the underlying server to make arbitrary GET requests.

In JetBrains YouTrack before 2020.2.10514, SSRF is possible because URL filtering can be escaped.

If an HTTP/2 client connecting to Apache Tomcat 10.0.0-M1 to 10.0.0-M7, 9.0.0.M1 to 9.0.37 or 8.5.0 to 8.5.57 exceeded the agreed maximum number of concurrent streams for a connection (in violation of the HTTP/2 protocol), it was possible that a subsequent request made on that connection could contain HTTP headers - including HTTP/2 pseudo headers - from a previous request rather than the intended headers. This could lead to users seeing responses for unexpected resources.

In JetBrains YouTrack versions before 2020.3.4313, 2020.2.11008, 2020.1.11011, 2019.1.65514, 2019.2.65515, and 2019.3.65516, an attacker can retrieve an issue description without appropriate access.

JetBrains YouTrack before 2020.2.8873 is vulnerable to SSRF in the Workflow component.

In JetBrains YouTrack before 2020.2.6881, a user without permission is able to create an article draft.

JetBrains YouTrack before 2020.2.10643 was vulnerable to SSRF that allowed scanning internal ports.

In JetBrains YouTrack before 2020.2.6881, the markdown parser could disclose hidden file existence.