CVE-2024-28228
CVSS 3.1 Score 5.3 of 10 (medium)
Details
Published Mar 7, 2024
Updated: Dec 16, 2024
CWE ID 290
Summary
CVE-2024-28228 is a vulnerability affecting JetBrains YouTrack versions prior to 2024.1.25893. An attacker could manipulate the system to create comments on behalf of an arbitrary user in the HelpDesk module. This issue poses a risk for unauthorized actions and potential data breaches. Users are encouraged to upgrade to the latest version to mitigate this vulnerability.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Affected Products
- JetBrains YouTrack
Affected Vendors
- JetBrains