Skip to main content
CVE-2021-43186 MEDIUM This Month

JetBrains YouTrack before 2021.3.24402 is vulnerable to stored XSS. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Youtrack
NVD
CVSS 3.1
5.4
EPSS
0.5%
CVE-2021-43184 MEDIUM This Month

In JetBrains YouTrack before 2021.3.21051, stored XSS is possible. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Youtrack
NVD
CVSS 3.1
5.4
EPSS
0.6%
CVE-2021-43201 MEDIUM This Month

In JetBrains TeamCity before 2021.1.3, a newly created project could take settings from an already deleted project. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Teamcity
NVD
CVSS 3.1
5.3
EPSS
0.7%
CVE-2021-43199 MEDIUM This Month

In JetBrains TeamCity before 2021.1.2, permission checks in the Create Patch functionality are insufficient. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation Teamcity
NVD
CVSS 3.1
5.3
EPSS
0.6%
CVE-2021-43195 MEDIUM This Month

In JetBrains TeamCity before 2021.1.2, some HTTP security headers were missing. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Teamcity
NVD
CVSS 3.1
5.3
EPSS
0.7%
CVE-2021-43194 MEDIUM This Month

In JetBrains TeamCity before 2021.1.2, user enumeration was possible. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Teamcity
NVD
CVSS 3.1
5.3
EPSS
0.8%
CVE-2021-43192 MEDIUM This Month

In JetBrains YouTrack Mobile before 2021.2, iOS URL scheme hijacking is possible. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Youtrack Mobile
NVD
CVSS 3.1
5.3
EPSS
0.7%
CVE-2021-43191 MEDIUM This Month

JetBrains YouTrack Mobile before 2021.2, is missing the security screen on Android and iOS. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Information Disclosure Youtrack Mobile
NVD
CVSS 3.1
5.3
EPSS
0.7%
CVE-2021-43190 MEDIUM This Month

In JetBrains YouTrack Mobile before 2021.2, task hijacking on Android is possible. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Information Disclosure Youtrack Mobile
NVD
CVSS 3.1
5.3
EPSS
0.7%
CVE-2021-43187 MEDIUM This Month

In JetBrains YouTrack Mobile before 2021.2, the client-side cache on iOS could contain sensitive information. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Youtrack Mobile
NVD
CVSS 3.1
5.3
EPSS
0.8%
CVE-2021-42026 MEDIUM PATCH This Month

A vulnerability has been identified in Mendix Applications using Mendix 8 (All versions < V8.18.13), Mendix Applications using Mendix 9 (All versions < V9.6.2). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. This Incorrect Authorization vulnerability could allow attackers to bypass authorization checks to access restricted resources.

Authentication Bypass Mendix
NVD
CVSS 3.1
4.3
EPSS
0.5%
Prev Page 2 of 2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy