JetBrains IntelliJ IDEA HTML Injection Vulnerability via Remote Development Feature

Vulnerability

A vulnerability allowing HTML injection has been identified in JetBrains IntelliJ IDEA versions prior to 2025.2. This issue arises through the Remote Development feature, where untrusted HTML could be injected and potentially executed.

Impact

Exploitation of this vulnerability allows for HTML injection, which could be used to execute scripts in the context of the user.

Remediation

Users can update to JetBrains IntelliJ IDEA version 2025.2 or later to address this vulnerability.

Added: Aug 20, 2025, 10:23 AM
Updated: Aug 20, 2025, 10:23 AM

Vulnerability Rating

Custom Algorithm
spread: 7.8
impact: 1.7
exploitability: 3.3
remediation: 7.7
relevance: 0.4
threat: 0.0
urgency: 2.9
incentive: 0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.