CVE-2019-12867 (NVD)

2019-07-03

Certain actions could cause privilege escalation for issue attachments in JetBrains YouTrack. The issue was fixed in 2018.4.49168.

Products Youtrack
Type Permissions, Privileges, and Access Controls (CWE-264)
First patch - None (likely due to unavailable code)
Links https://blog.jetbrains.com/blog/2019/06/19/jetbrains-security-bulletin-q1-2019/