Improper Access Control in YouTrack Allows Listing of Project Names Without Authentication

CVE-2024-54155

Currently unrated

Key Information:

Vendor: JetBrains
Vendor: CVE Published:; 4 December 2024

Summary

In JetBrains YouTrack before 2024.3.51866 improper access control allowed listing of project names during app import without authentication

References

https://www.jetbrains.com/privacy-security/issues-fixed/

Timeline

Vulnerability published
Dec 4, 2024

Collectors

NVD Database

.