CVE-2023-50871 MEDIUM

CVE-2023-50871

Vendor Jetbrains
Product YouTrack
Weakness CWE-285
Published December 15, 2023
Last update August 2, 2024
View on NVD All CVEs

CVSS base score

4.3/10
Attack vector Network
Attack complexity Low
Privileges required Low
User interaction None
Confidentiality None
Integrity Low

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

What the vulnerability does

01Description

In JetBrains YouTrack before 2023.3.22268 authorization check for inline comments inside thread replies was missed

Key dates

02Disclosure timeline

December 15, 2023 CVE published
August 2, 2024 Record updated

Related vulnerabilities

04Related CVE

CVE-2025-3569 JamesZBL/code-projects db-hospital-drug ShiroConfig.java improper authorization CVE-2023-27594 Cilium vulnerable to potential network policy bypass when routing IPv6 traffic CVE-2025-8401 HT Mega – Absolute Addons For Elementor <= 2.9.1 - Authenticated (Author+) Sensitive Information Exposure CVE-2024-2557 kishor-23 Food Waste Management System admin.php improper authorization CVE-2025-4017 20120630 Novel-Plus LogController.java list improper authorization