CVE-2024-28229: In JetBrains YouTrack before 2024.1.25893 user without appropriate permissions could restore issues and articles
6.5
CVSS
Description
In JetBrains YouTrack before 2024.1.25893 user without appropriate permissions could restore issues and articles
Classification
CVE ID: CVE-2024-28229
CVSS Base Severity: MEDIUM
CVSS Base Score: 6.5
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
Problem Types
CWE-863Affected Products
Vendor: JetBrains
Product: YouTrack
Exploit Prediction Scoring System (EPSS)
EPSS Score: 0.01% (probability of being exploited)
EPSS Percentile: 0.24% (scored less or equal to compared to others)
EPSS Date: 2025-04-18 (when was this score calculated)
Stakeholder-Specific Vulnerability Categorization (SSVC)
SSVC Exploitation: none
SSVC Technical Impact: partial
SSVC Automatable: false
References
https://nvd.nist.gov/vuln/detail/CVE-2024-28229https://www.jetbrains.com/privacy-security/issues-fixed/