CNNVD-202508-2403 Information
CNNVD ID
CNNVD-202508-2403
Related CVE
- CNNVD Published: 2025-08-20
Description (Chinese)
JetBrains YouTrack是捷克JetBrains公司的一套基于浏览器的错误跟踪和项目管理软件。该软件具有错误跟踪、创建工作流程和监控项目进度等功能。 JetBrains YouTrack 2025.2.92387之前版本存在安全漏洞,该漏洞源于Mermaid图表内容可能导致存储型跨站脚本。
Description (English)
Jetbrains YouTrack is a project management software set based on browser-based errors by Czech Jetbrains. The software has features such as bug tracking, creating workflows and monitoring project progress. There was a security loophole in the pre-Jetbrains YouTrack 20252.22387 version, which originated from the Mermaid chart content that could lead to storage-type cross-site scripts.
Hazard Level
Medium
Vulnerability Type
跨站脚本
Affected Vendor
JetBrains
Published
2025-08-20
Last Modified
2026-02-24
References
https://www.jetbrains.com/privacy-security/issues-fixed/ https://nvd.nist.gov/vuln/detail/CVE-2025-57731
Patch
https://www.jetbrains.com/privacy-security/issues-fixed/
Share on: