CNNVD-202507-3533 Information
CNNVD ID
CNNVD-202507-3533
Related CVE
- CNNVD Published: 2025-07-28
Description (Chinese)
JetBrains YouTrack是捷克JetBrains公司的一套基于浏览器的错误跟踪和项目管理软件。该软件具有错误跟踪、创建工作流程和监控项目进度等功能。 JetBrains YouTrack存在安全漏洞,该漏洞源于iframe配置不当,可能导致绕过安全限制。以下版本受到影响:2025.2.86935、2025.2.87167、2025.3.87341和2025.3.87344之前版本。
Description (English)
Jetbrains YouTrack is a project management software set based on browser-based errors by Czech Jetbrains. The software has features such as bug tracking, creating workflows and monitoring project progress. There is a security loophole in Jetbrains YouTrack, which stems from the inappropriate configuration of the frame, which could lead to circumventing security restrictions. The following versions were affected: 2025.2.86935, 2025.2.87167, 2025.3.87341 and 2025.3.87344.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
JetBrains
Published
2025-07-28
Last Modified
2026-02-24
References
https://www.jetbrains.com/privacy-security/issues-fixed/ https://access.redhat.com/security/cve/cve-2025-54527
Patch
https://www.jetbrains.com/privacy-security/issues-fixed/
Share on: