CVE-2024-50577

Name of the Vulnerable Software and Affected Versions JetBrains YouTrack versions prior to 2024.3.47707

Description The issue is related to a stored XSS vulnerability via Angular template injection in Hub settings. This could allow an attacker to perform cross-site scripting attacks. The vulnerability is associated with a lack of protection for the web page structure.

Recommendations For versions prior to 2024.3.47707, update to version 2024.3.47707 or later to resolve the issue. As a temporary workaround, consider restricting access to the Hub settings until the update is applied.