JetBrains YouTrack URL Redirection to Untrusted Site (‘Open Redirect’) Vulnerability

Summary

JetBrains YouTrack versions before 2019.1.52545 allowed unbounded URL whitelisting because of the Inclusion of Functionality from an Untrusted Control Sphere.

Credit:

The information has been provided by Robert Demmer.

The original article can be found at: https://blog.jetbrains.com/blog/2019/09/26/jetbrains-security-bulletin-q2-2019/


Details

Vulnerable Systems: 

JetBrains YouTrack versions before 2019.1.52545

CVE Information:

CVE-2019-15041

Disclosure Timeline:

Published Date: 10/01/2019