Product:

Hub

(Jetbrains)
Repositories

Unknown:

This might be proprietary software.

#Vulnerabilities 27
Date Id Summary Products Score Patch Annotated
2024-10-28 CVE-2024-50573 In JetBrains Hub before 2024.3.47707 improper access control allowed users to generate permanent tokens for unauthorized services Hub 5.4
2024-06-18 CVE-2024-38507 In JetBrains Hub before 2024.2.34646 stored XSS via project description was possible Hub 5.4
2023-03-27 CVE-2022-48429 In JetBrains Hub before 2022.3.15573, 2022.2.15572, 2022.1.15583 reflected XSS in dashboards was possible Hub 5.4
2021-08-06 CVE-2021-37540 In JetBrains Hub before 2021.1.13262, a potentially insufficient CSP for the Widget deployment feature was used. Hub 6.5
2022-02-25 CVE-2022-25262 In JetBrains Hub before 2022.1.14434, SAML request takeover was possible. Hub 9.8
2023-04-24 CVE-2022-48477 In JetBrains Hub before 2023.1.15725 SSRF protection in Auth Module integration was missing Hub 9.8
2022-11-18 CVE-2022-45471 In JetBrains Hub before 2022.3.15181 Throttling was missed when sending emails to a particular email address Hub 7.5
2021-02-03 CVE-2021-25759 In JetBrains Hub before 2020.1.12629, an authenticated user can delete 2FA settings of any other user. Hub 6.5
2021-11-09 CVE-2021-43183 In JetBrains Hub before 2021.1.13690, the authentication throttling mechanism could be bypassed. Hub 9.8
2022-07-01 CVE-2022-34894 In JetBrains Hub before 2022.2.14799, insufficient access control allowed the hijacking of untrusted services Hub 5.3