Home
LOW: 3.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:NDefault status
unaffected
Any version before 2026.2.17012
affected
Description
In JetBrains YouTrack before 2026.2.17012 cSS injection via Mermaid diagram rendering was possible
Problem types
Product status
Any version before 2026.2.17012
References
www.jetbrains.com/privacy-security/issues-fixed/