PT-2022-27984 · Jetbrains · Intellij Idea

Published: 2022-12-08 · Updated: 2022-12-12 · CVE-2022-46827

CVSS v3.1: 5.5 (Medium)

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions: JetBrains IntelliJ IDEA versions prior to 2022.3

Description: The issue allows an XXE attack, which can lead to Server-Side Request Forgery (SSRF) via requests to custom plugin repositories. It stems from a flaw in how requests to these repositories are handled, which an attacker could potentially exploit.

Recommendations: For versions prior to 2022.3, update to version 2022.3 or later to resolve the issue. As a temporary workaround, consider restricting access to custom plugin repositories until the update is applied.

Fix

XXE

Weakness Enumeration

Related Identifiers: CVE-2022-46827

Affected Products: Intellij Idea