PT-2024-7203 · JetBrains · YouTrack

Published: 2024-10-10 · Updated: 2024-10-16 · CVE-2024-48902

CVSS v2.0: 5.5 (Medium)

Vector: AV:N/AC:L/Au:S/C:N/I:P/A:P

Name of the Vulnerable Software and Affected Versions

JetBrains YouTrack versions prior to 2024.3.46677

Description

The issue is related to improper access control in JetBrains YouTrack, allowing users with project update permission to delete applications via API. This could potentially allow a remote attacker to elevate their privileges.

Recommendations

For versions prior to 2024.3.46677, update to version 2024.3.46677 or later to resolve the issue. As a temporary workaround, consider restricting access to the API endpoint that allows application deletion to minimize the risk of exploitation.

Fix

Incorrect Authorization

Missing Authorization

Improper Authorization

Weakness Enumeration

Related Identifiers

BDU:2024-08542
CVE-2024-48902

Affected Products

YouTrack