CVE-2022-24347: JetBrains Security Bulletin Q4 2021 | JetBrains News
JetBrains YouTrack before 2021.4.36872 was vulnerable to stored XSS via a project icon.
JetBrains Security Bulletin Q4 2021
In the fourth quarter of 2021, we resolved a number of security issues in our products. Here’s a summary report that contains a description of each issue and the version in which it was resolved.
| Product | Description | Severity | Resolved in | CVE/CWE |
|---|---|---|---|---|
| Datalore | Another user’s database could be attached (DL-9779) | High | Not applicable | Not applicable |
| Hub | JetBrains Account integration exposed API keys with excessive permissions. Reported by Yurii Sanin (HUB-10958) | High | 2021.1.13890 | CVE-2022-24327 |
| Hub | An unprivileged user could perform a DoS. Reported by Yurii Sanin (HUB-10976) | High | 2021.1.13956 | CVE-2022-24328 |
| IntelliJ IDEA | Code could be executed without the user’s permission on opening a project (IDEA-243002, IDEA-277306, IDEA-282396, IDEA-275917) | Medium | 2021.2.4 | CVE-2022-24345 |
| IntelliJ IDEA | Potential LCE via RLO (Right-to-Left Override) characters (IDEA-284150) | Medium | 2021.3.1 | CVE-2022-24346 |
| JetBrains Blog | Blind SQL injection. Reported by Khan Janny (BLOG-45) | Medium | Not applicable | Not applicable |
| Kotlin | No ability to lock dependencies for Kotlin Multiplatform Gradle projects. Reported by Carter Jernigan (KT-49449) | Medium | 1.6.0 | CVE-2022-24329 |
| Kotlin websites | Clickjacking at kotlinlang.org (KTL-588) | Medium | Not applicable | Not applicable |
| Remote Development | Unexpected open port on backend server. Please refer to this blog post for additional details. Reported by Damian Gwiżdż (GTW-894) | High | Not 2021.3.1 | CVE-2021-45977 |
| Space | Missing permission check in an HTTP API response (SPACE-15991) | High | Not applicable | Not applicable |
| TeamCity | A redirect to an external site was possible (TW-71113) | Low | 2021.2.1 | CVE-2022-24330 |
| TeamCity | Logout failed to remove the “Remember Me” cookie (TW-72969) | Low | 2021.2 | CVE-2022-24332 |
| TeamCity | GitLab authentication impersonation. Reported by Christian Pedersen (TW-73375) | High | 2021.1.4 | CVE-2022-24331 |
| TeamCity | The “Agent push” feature allowed any private key on the server to be selected (TW-73399) | Low | 2021.2.1 | CVE-2022-24334 |
| TeamCity | Blind SSRF via an XML-RPC call. Reported by Artem Godin (TW-73465) | Medium | 2021.2 | CVE-2022-24333 |
| TeamCity | Time-of-check/Time-of-use (TOCTOU) vulnerability in agent registration via XML-RPC. Reported by Artem Godin (TW-73468) | High | 2021.2 | CVE-2022-24335 |
| TeamCity | An unauthenticated attacker could cancel running builds via an XML-RPC request to the TeamCity server. Reported by Artem Godin (TW-73469) | Medium | 2021.2.1 | CVE-2022-24336 |
| TeamCity | Pull requests’ health items were shown to users without appropriate permissions (TW-73516) | Low | 2021.2 | CVE-2022-24337 |
| TeamCity | Stored XSS. Reported by Yurii Sanin (TW-73737) | Medium | 2021.2.1 | CVE-2022-24339 |
| TeamCity | URL injection leading to CSRF. Reported by Yurii Sanin (TW-73859) | Medium | 2021.2.1 | CVE-2022-24342 |
| TeamCity | Changing a password failed to terminate sessions of the edited user (TW-73888) | Low | 2021.2.1 | CVE-2022-24341 |
| TeamCity | XXE during the parsing of a configuration file (TW-73932) | Medium | 2021.2.1 | CVE-2022-24340 |
| TeamCity | Reflected XSS (TW-74043) | Medium | 2021.2.1 | CVE-2022-24338 |
| TeamCity | Stored XSS on the Notification templates page (JT-65752) | Low | 2021.4.31698 | CVE-2022-24344 |
| YouTrack | A custom logo could be set with read-only permissions (JT-66214) | Low | 2021.4.31698 | CVE-2022-24343 |
| YouTrack | Stored XSS via project icon. Reported by Yurii Sanin (JT-67176) | Medium | 2021.4.36872 | CVE-2022-24347 |
If you need any further assistance, please contact our Security Team.
Your JetBrains Team
The Drive to Develop