What the vulnerability does
01Description
In JetBrains IntelliJ IDEA before 2023.3.3 a plugin for JetBrains Space was able to send an authentication token to an inappropriate URL
CVSS base score
6.1/10
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Key dates
02Disclosure timeline
February 6, 2024
CVE published
August 1, 2024
Record updated
External resources
03References
Related vulnerabilities
04Related CVE
CVE-2025-1041 Avaya Call Management System RCE vulnerability
CVE-2021-36041 Magento Commerce Improper Input Validation Could Lead To Remote Code Execution
CVE-2023-21554 Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability
CVE-2020-9743 HTML injection in AEM's content editor component
CVE-2021-3910 NUL character in ROA causes OctoRPKI to crash
