Описание
An Insecure Direct Object Reference, with Authorization Bypass through a User-Controlled Key, was possible in JetBrains YouTrack. The issue was fixed in 2018.4.49168.
Уязвимые конфигурации
Конфигурация 1Версия до 2018.4.49168 (исключая)
cpe:2.3:a:jetbrains:youtrack:*:*:*:*:*:*:*:*
EPSS
Процентиль: 0%
0.00004
Низкий
9.8 Critical
CVSS3
7.5 High
CVSS2
Дефекты
CWE-639
Связанные уязвимости
CVSS3: 9.8
github
больше 3 лет назад
An Insecure Direct Object Reference, with Authorization Bypass through a User-Controlled Key, was possible in JetBrains YouTrack. The issue was fixed in 2018.4.49168.
EPSS
Процентиль: 0%
0.00004
Низкий
9.8 Critical
CVSS3
7.5 High
CVSS2
Дефекты
CWE-639