CVE-2020-11692 (NVD)

2020-04-22

In JetBrains YouTrack before 2020.1.659, DB export was accessible to read-only administrators.

Products Youtrack
Type Incorrect Default Permissions (CWE-276)
First patch - None (likely due to unavailable code)
Links https://blog.jetbrains.com/blog/2020/04/22/jetbrains-security-bulletin-q1-2020/