Note:
This project will be discontinued after December 13, 2021. [more]
2020-08-08
In JetBrains YouTrack before 2020.1.1331, an external user could execute commands against arbitrary issues.
Products | Youtrack |
Type | Improper Control of Generation of Code ('Code Injection') (CWE-94) |
First patch | - None (likely due to unavailable code) |
Links |
• https://blog.jetbrains.com
• https://blog.jetbrains.com/blog/2020/08/06/jetbrains-security-bulletin-q2-2020/ |