Download
| Alert*
oval:org.secpod.oval:def:59032
JetBrains YouTrack is installed oval:org.secpod.oval:def:68920 The host is installed with JetBrains YouTrack before 2020.4.4701 and is prone to a cross-site request forgery vulnerability. A flaw is present in the application, which fails to properly handle issue in attachment upload. Successful exploitation could allow attackers to perform CSRF attacks. oval:org.secpod.oval:def:59037 The host is installed with JetBrains YouTrack before 2018.4.49852 and is prone to a CSRF vulnerability. A flaw is present in the application, which fails to properly handle an issue at an admin endpoint. Successful exploitation could allow attackers to execute code or obtain sensitive information. oval:org.secpod.oval:def:59034 The host is installed with JetBrains YouTrack before 2018.4.49168 and is prone to an improper authorization vulnerability. A flaw is present in the application, which fails to properly handle user-controlled keys. Successful exploitation could allow attackers to obtain sensitive information. oval:org.secpod.oval:def:59035 The host is installed with JetBrains YouTrack before 2018.4.49168 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to properly handle issue attachments. Successful exploitation could allow attackers to obtain sensitive information. oval:org.secpod.oval:def:59033 The host is installed with JetBrains YouTrack before 2018.4.49168 and is prone to an SSRF attack vulnerability. A flaw is present in the application, which fails to properly handle a malformed request. Successful exploitation could allow attackers to obtain sensitive information. oval:org.secpod.oval:def:68924 The host is installed with JetBrains YouTrack before 2020.4.6808 and is prone to an improper authorization vulnerability. A flaw is present in the application, which fails to properly handle unspecified vectors. Successful exploitation could allow attackers to disable an administrator from accessing ... oval:org.secpod.oval:def:68921 The host is installed with JetBrains YouTrack before 2020.4.4701 and is prone to an improper authorization vulnerability. A flaw is present in the application, which fails to properly handle improper resource access checks. Successful exploitation could allow attackers to access restricted resources ... oval:org.secpod.oval:def:67376 The host is installed with JetBrains YouTrack before 2020.3.888 and is prone to an SSRF vulnerability. A flaw is present in the application, which fails to properly handle unspecified vectors. Successful exploitation could allow attackers to cause unspecified impact. oval:org.secpod.oval:def:67377 The host is installed with JetBrains YouTrack before 2020.3.888 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to properly handle access restrictions to notifications. Successful exploitation could allow attackers to obtain sensitive inform ... oval:org.secpod.oval:def:68919 The host is installed with JetBrains YouTrack before 2020.4.4701 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to properly handle issue in REST API. Successful exploitation could allow attackers without the appropriate permissions to enumerat ... oval:org.secpod.oval:def:67374 The host is installed with JetBrains YouTrack before 2020.3.6638 and is prone to an improper access control vulnerability. A flaw is present in the application, which fails to properly handle access restrictions to some subresources. Successful exploitation could allow attackers to obtain sensitive ... oval:org.secpod.oval:def:67375 The host is installed with JetBrains YouTrack before 2020.3.7955 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to properly handle access restrictions to workflow rules. Successful exploitation could allow attackers to access workflow rules wi ... oval:org.secpod.oval:def:68922 The host is installed with JetBrains YouTrack before 2020.6.1767 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to properly handle an issue in YouTrack command execution. Successful exploitation could allow attackers to obtain information a ... oval:org.secpod.oval:def:68925 The host is installed with JetBrains YouTrack before 2020.6.1099 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to properly handle unspecified vectors. Successful exploitation could allow attackers to obtain sensitive information. oval:org.secpod.oval:def:59036 The host is installed with JetBrains YouTrack before 2018.4.49168 and is prone to an SQL injection vulnerability. A flaw is present in the application, which fails to properly handle improper input validation. Successful exploitation could allow attackers to execute system commands. oval:org.secpod.oval:def:68923 The host is installed with JetBrains YouTrack before 2020.4.4701 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to properly handle improper permissions checks for attachment actions. Successful exploitation could allow attackers obtain elevate ... oval:org.secpod.oval:def:65353 The host is installed with JetBrains YouTrack 2020.3.x before 2020.3.4313, 2020.2.x before 2020.2.11008, 2020.1.x before 2020.1.11011, 2019.1.x before 2019.1.65514, 2019.2.x before 2019.2.65515 or 2019.3.x before 2019.3.65516 and is prone to an information dicslosure vulnerability. A flaw is present ... oval:org.secpod.oval:def:90546 The host is installed with JetBrains YouTrack before 23.1.10518 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle Helpdesk forms. Successful exploitation could allow attackers to cause denial of service. oval:org.secpod.oval:def:90545 The host is installed with JetBrains YouTrack before 23.1.10518 and is prone to a cross-site scripting vulnerability. A flaw is present in the application, which fails to properly handle Markdown-rendering engine. Successful exploitation could allow attackers to cause unpecified impact. oval:org.secpod.oval:def:96917 The host is installed with JetBrains YouTrack before 2023.3.22666 and is prone to a stored XSS vulnerability. A flaw is present in the application, which is fails to properly handle an issue in markdown. Successful exploitation could allow attackers to cause cross-site scripting. oval:org.secpod.oval:def:10000981 The host is installed with JetBrains YouTrack before 2024.2.34646 and is prone to a file attachment authorization vulnerability. A flaw is present in the application, which is fails to properly handle an unknown code block of the File Attachment Handler. Successful exploitation could allow attackers ... oval:org.secpod.oval:def:10000982 The host is installed with JetBrains YouTrack before 2024.2.34646 and is prone to an insufficiently protected credentials vulnerability. A flaw is present in the application, which is fails to properly handle the Access Token Handler. Successful exploitation could allow attackers to send the User ac ... oval:org.secpod.oval:def:10000983 The host is installed with JetBrains YouTrack before 2024.2.34646 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which is fails to properly handle unspecified vectors. Successful exploitation could allow attackers to make an user without appropriate permi ... |