Note:
This project will be discontinued after December 13, 2021. [more]
2019-10-01
JetBrains YouTrack versions before 2019.2.53938 had a possible XSS through issue attachments when using the Firefox browser.
Products | Youtrack |
Type | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') (CWE-79) |
First patch | - None (likely due to unavailable code) |
Links | https://blog.jetbrains.com/blog/2019/09/26/jetbrains-security-bulletin-q2-2019/ |