File Content Disclosure Vulnerability in JetBrains IntelliJ IDEA
CVE-2022-48430

5.5MEDIUM

Key Information:

Vendor: Jetbrains
Status: Intellij Idea
Vendor: CVE Published:; 29 March 2023

What is CVE-2022-48430?

A vulnerability in JetBrains IntelliJ IDEA prior to version 2023.1 allows for unauthorized disclosure of file content through manipulated external stylesheet paths during the Markdown preview feature. This could potentially expose sensitive information to unauthorized users, necessitating immediate attention for users of affected versions to mitigate risks.

Affected Version(s)

IntelliJ IDEA 0 < 2023.1

References

https://www.jetbrains.com/privacy-security/issues-fixed/

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Local

Attack Complexity:

High

Privileges Required:

None

User Interaction:

Required

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 29, 2023
Vulnerability Reserved
Mar 29, 2023

Jetbrains

What is CVE-2022-48430?

Affected Version(s)

References

CVSS V3.1

Timeline