CVE-2024-50582

Name of the Vulnerable Software and Affected Versions JetBrains YouTrack versions prior to 2024.3.47707

Description The issue is related to the lack of protection of the web page structure in JetBrains YouTrack, allowing for stored XSS attacks due to improper HTML sanitization in markdown elements. This could enable a remote attacker to conduct cross-site scripting attacks.

Recommendations For versions prior to 2024.3.47707, update to version 2024.3.47707 or later to resolve the issue. As a temporary workaround, consider restricting the use of markdown elements until a patch is available.