What the vulnerability does
01Description
In JetBrains YouTrack before 2024.3.44799 user without appropriate permissions could restore workflows attached to a project
CVSS base score
4.3/10
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Key dates
02Disclosure timeline
September 19, 2024
CVE published
September 19, 2024
Record updated
External resources
03References
Related vulnerabilities
04Related CVE
CVE-2025-6707 Race condition in privilege cache invalidation cycle
CVE-2026-44221 ArcadeDB: Cross-database authorization bypass and unsecured newly-created databases
CVE-2025-1418 Information disclosure in Proget MDM
CVE-2021-1540 Cisco ASR 5000 Series Software Authorization Bypass Vulnerabilities
CVE-2026-32021 OpenClaw < 2026.2.22 - Authorization Bypass via Display Name Collision in Feishu allowFrom
