CVE-2024-50581

Name of the Vulnerable Software and Affected Versions JetBrains YouTrack versions prior to 2024.3.47707

Description The issue is related to improper HTML sanitization, which could lead to a cross-site scripting (XSS) attack via a comment tag. This vulnerability is associated with a lack of protection measures for the web page structure, allowing an attacker to conduct cross-site scripting attacks.

Recommendations For versions prior to 2024.3.47707, update to version 2024.3.47707 or later to resolve the issue. As a temporary workaround, consider restricting user input in comment tags to minimize the risk of exploitation.