Monthly Archive: November 2020

CVE-2020-28693

An unrestricted file upload issue in HorizontCMS 1.0.0-beta allows an authenticated remote attacker to upload PHP code through a zip file by uploading a theme, and executing the PHP file via an HTTP GET...

CVE-2020-27629

In JetBrains TeamCity before 2020.1.5, secure dependency parameters could be not masked in depending builds when there are no internal artifacts. Date published : 2020-11-16 JetBrains Security Bulletin Q3 2020 Home

CVE-2020-27628

In JetBrains TeamCity before 2020.1.5, the Guest user had access to audit records. Date published : 2020-11-16 JetBrains Security Bulletin Q3 2020 Home

CVE-2020-27627

JetBrains TeamCity before 2020.1.2 was vulnerable to URL injection. Date published : 2020-11-16 JetBrains Security Bulletin Q3 2020 Home

CVE-2020-27626

JetBrains YouTrack before 2020.3.5333 was vulnerable to SSRF. Date published : 2020-11-16 JetBrains Security Bulletin Q3 2020 Home

CVE-2020-27625

In JetBrains YouTrack before 2020.3.888, notifications might have mentioned inaccessible issues. Date published : 2020-11-16 Home

CVE-2020-27624

JetBrains YouTrack before 2020.3.888 was vulnerable to SSRF. Date published : 2020-11-16 JetBrains Security Bulletin Q3 2020 Home

CVE-2020-27623

JetBrains IdeaVim before version 0.58 might have caused an information leak in limited circumstances. Date published : 2020-11-16 JetBrains Security Bulletin Q3 2020 Home

CVE-2020-27622

In JetBrains IntelliJ IDEA before 2020.2, the built-in web server could expose information about the IDE version. Date published : 2020-11-16 JetBrains Security Bulletin Q3 2020 Home