Search Results | AttackerKB

100 Total Results

Displaying 21-30 of 100

Attacker Value

Unknown

CVE-2024-47160

Disclosure Date: September 19, 2024 (last updated September 25, 2024)

In JetBrains YouTrack before 2024.3.44799 access to global app config data without appropriate permissions was possible

Attacker Value

Unknown

CVE-2024-47159

Disclosure Date: September 19, 2024 (last updated September 25, 2024)

In JetBrains YouTrack before 2024.3.44799 user without appropriate permissions could restore workflows attached to a project

Attack Vector: Network Privileges: Low User Interaction: None

Attacker Value

Unknown

CVE-2024-38506

Disclosure Date: June 18, 2024 (last updated August 23, 2024)

In JetBrains YouTrack before 2024.2.34646 user without appropriate permissions could enable the auto-attach option for workflows

Attack Vector: Network Privileges: Low User Interaction: None

Attacker Value

Unknown

CVE-2024-38505

Disclosure Date: June 18, 2024 (last updated August 23, 2024)

In JetBrains YouTrack before 2024.2.34646 user access token was sent to the third-party site

Attack Vector: Network Privileges: None User Interaction: None

Attacker Value

Unknown

CVE-2024-38504

Disclosure Date: June 18, 2024 (last updated August 23, 2024)

In JetBrains YouTrack before 2024.2.34646 the Guest User Account was enabled for attaching files to articles

Attack Vector: Network Privileges: None User Interaction: None

Attacker Value

Unknown

CVE-2024-35299

Disclosure Date: May 16, 2024 (last updated January 29, 2025)

In JetBrains YouTrack before 2024.1.29548 the SMTPS protocol communication lacked proper certificate hostname validation

Attack Vector: Network Privileges: None User Interaction: None

Attacker Value

Unknown

CVE-2024-28230

Disclosure Date: March 07, 2024 (last updated December 18, 2024)

In JetBrains YouTrack before 2024.1.25893 attaching/detaching workflow to a project was possible without project admin permissions

Attack Vector: Network Privileges: Low User Interaction: None

Attacker Value

Unknown

CVE-2024-28229

Disclosure Date: March 07, 2024 (last updated December 18, 2024)

In JetBrains YouTrack before 2024.1.25893 user without appropriate permissions could restore issues and articles

Attack Vector: Network Privileges: Low User Interaction: None

Attacker Value

Unknown

CVE-2024-28228

Disclosure Date: March 07, 2024 (last updated December 18, 2024)

In JetBrains YouTrack before 2024.1.25893 creation comments on behalf of an arbitrary user in HelpDesk was possible

Attack Vector: Network Privileges: None User Interaction: None

Attacker Value

Unknown

CVE-2024-22370

Disclosure Date: January 09, 2024 (last updated January 13, 2024)

In JetBrains YouTrack before 2023.3.22666 stored XSS via markdown was possible

Attack Vector: Network Privileges: Low User Interaction: Required

100 Total Results

Displaying 21-30 of 100

Unknown

Unknown

Unknown

Unknown

Unknown

Unknown

Unknown

Unknown

Unknown

Unknown

Quick Cookie Notification