Vulnerabilidades en JetBrains
325 resultadosCVE-2023-34219MEDIUMIn JetBrains TeamCity before 2023.05 improper permission checks allowed users without appropriate permissions to edit Build Configuration seEPSS 0.4%CVE-2024-54153LOWIn JetBrains YouTrack before 2024.3.51866 unauthenticated database backup download was possible via vulnerable query parameterEPSS 0.4%CVE-2025-26493MEDIUMIn JetBrains TeamCity before 2024.12.2 several DOM-based XSS were possible on the Code Inspection Report tabEPSS 0.3%CVE-2025-48391HIGHIn JetBrains YouTrack before 2025.1.76253 deletion of issues was possible due to missing permission checks in APIEPSS 0.3%CVE-2023-34224MEDIUMIn JetBrains TeamCity before 2023.05 open redirect during oAuth configuration was possibleEPSS 0.3%CVE-2024-36375MEDIUMIn JetBrains TeamCity before 2024.03.2 technical information regarding TeamCity server could be exposedEPSS 0.3%CVE-2024-49580MEDIUMIn JetBrains Ktor before 2.3.13 improper caching in HttpCache Plugin could lead to response information disclosureEPSS 0.3%CVE-2024-43809LOWIn JetBrains TeamCity before 2024.07.1 reflected XSS was possible on the agentPushPreset pageEPSS 0.3%CVE-2024-41829LOWIn JetBrains TeamCity before 2024.07 an OAuth code for JetBrains Space could be stolen via Space Application connectionEPSS 0.3%CVE-2023-39173MEDIUMIn JetBrains TeamCity before 2023.05.2 a token with limited permissions could be used to gain full account accessEPSS 0.3%CVE-2024-28174MEDIUMIn JetBrains TeamCity before 2023.11.4 presigned URL generation requests in S3 Artifact Storage plugin were authorized improperlyEPSS 0.3%CVE-2024-47162MEDIUMIn JetBrains YouTrack before 2024.3.44799 token could be revealed on Imports pageEPSS 0.3%CVE-2024-47159MEDIUMIn JetBrains YouTrack before 2024.3.44799 user without appropriate permissions could restore workflows attached to a projectEPSS 0.3%CVE-2023-51655MEDIUMIn JetBrains IntelliJ IDEA before 2023.3.2 code execution was possible in Untrusted Project mode via a malicious plugin repository specifiedEPSS 0.3%CVE-2026-49367HIGHIn JetBrains IntelliJ IDEA before 2026.1.1 command execution was possible via the guest user accountEPSS 0.3%CVE-2024-36364MEDIUMIn JetBrains TeamCity before 2022.04.7, 2022.10.6, 2023.05.6, 2023.11.5 improper access control in Pull Requests and Commit status publisherEPSS 0.3%CVE-2024-36376MEDIUMIn JetBrains TeamCity before 2024.03.2 users could perform actions that should not be available to them based on their permissionsEPSS 0.3%CVE-2024-36377MEDIUMIn JetBrains TeamCity before 2024.03.2 certain TeamCity API endpoints did not check user permissionsEPSS 0.3%CVE-2022-48430MEDIUMIn JetBrains IntelliJ IDEA before 2023.1 file content could be disclosed via an external stylesheet path in Markdown preview.EPSS 0.3%CVE-2024-50575MEDIUMIn JetBrains YouTrack before 2024.3.47707 reflected XSS was possible in Widget APIEPSS 0.3%