CVE-2020-24618 | Vulnerability Database | Aqua Security

NVD

https://nvd.nist.gov/vuln/detail/CVE-2020-24618

CWE

https://cwe.mitre.org/data/definitions/.html

In JetBrains YouTrack versions before 2020.3.4313, 2020.2.11008, 2020.1.11011, 2019.1.65514, 2019.2.65515, and 2019.3.65516, an attacker can retrieve an issue description without appropriate access.

Affected Software

Name	Vendor	Start Version	End Version
Youtrack	Jetbrains	*	2019.1.65514 (excluding)
Youtrack	Jetbrains	2019.2.0 (including)	2019.2.65515 (excluding)
Youtrack	Jetbrains	2019.3 (including)	2019.3.65516 (excluding)
Youtrack	Jetbrains	2020.1 (including)	2020.1.11011 (excluding)
Youtrack	Jetbrains	2020.2 (including)	2020.2.11008 (excluding)
Youtrack	Jetbrains	2020.3 (including)	2020.3.4313 (excluding)

References

https://blog.jetbrains.com
https://blog.jetbrains.com/2020/11/16/jetbrains-security-bulletin-q3-2020/
https://youtrack.jetbrains.com/issue/JT-59265