| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| In JetBrains YouTrack Mobile before 2021.2, iOS URL scheme hijacking is possible. |
| JetBrains YouTrack Mobile before 2021.2, is missing the security screen on Android and iOS. |
| In JetBrains YouTrack Mobile before 2021.2, task hijacking on Android is possible. |
| In JetBrains YouTrack Mobile before 2021.2, access token protection on Android is incomplete. |
| In JetBrains YouTrack Mobile before 2021.2, access token protection on iOS is incomplete. |
| In JetBrains YouTrack Mobile before 2021.2, the client-side cache on iOS could contain sensitive information. |
| JetBrains YouTrack before 2021.3.24402 is vulnerable to stored XSS. |
| JetBrains YouTrack before 2021.3.23639 is vulnerable to Host header injection. |
| In JetBrains YouTrack before 2021.3.21051, stored XSS is possible. |
| In JetBrains YouTrack before 2021.3.21051, a user could see boards without having corresponding permissions. |
| In JetBrains YouTrack before 2021.2.16363, an insecure PRNG was used. |
| In JetBrains YouTrack before 2021.2.17925, stored XSS was possible. |
| In JetBrains YouTrack before 2021.2.16363, system user passwords were hashed with SHA-256. |
| In JetBrains YouTrack before 2021.2.16363, time-unsafe comparisons were used. |
| In JetBrains YouTrack before 2021.1.11111, sandboxing in workflows was insufficient. |
| In JetBrains YouTrack before 2020.6.8801, information disclosure in an issue preview was possible. |
| In JetBrains YouTrack before 2021.1.9819, a pull request's title was sanitized insufficiently, leading to XSS. |
| In JetBrains YouTrack before 2020.6.6600, access control during the exporting of issues was implemented improperly. |
| In JetBrains YouTrack before 2020.6.6441, stored XSS was possible via an issue attachment. |
| In JetBrains YouTrack before 2020.6.1099, project information could be potentially disclosed. |
