PT-2024-36075 · Jetbrains · Youtrack
Published
2024-12-04
·
Updated
2025-01-31
·
CVE-2024-54154
CVSS v3.1
9.8
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions:
JetBrains YouTrack versions prior to 2024.3.51866
Description:
The issue allows system takeover through path traversal in the plugin sandbox.
Recommendations:
For versions prior to 2024.3.51866, update to version 2024.3.51866 to resolve the issue.
Fix
Path traversal
Relative Path Traversal
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Youtrack