Primary

Context

JetBrains YouTrack Improper Access Control Vulnerability Allowing Modification of MCP Tool Logic

Vulnerability

Patched

A vulnerability in JetBrains YouTrack versions prior to 2025.3.104432 allows improper access control, which could be exploited to modify the logic of the MCP tool. This issue arises from inadequate authorization checks, enabling unauthorized users to make changes that could affect the tool's functionality.

Impact

Exploitation of this vulnerability could lead to unauthorized modifications in the MCP tool logic, potentially disrupting workflows or project management processes that rely on this functionality.

Remediation

Users can update to YouTrack version 2025.3.104432 or later to address this vulnerability.

Added: Nov 10, 2025, 2:23 PM

Updated: Nov 10, 2025, 2:23 PM

Vulnerability Rating

Custom Algorithm

spread

5.0

impact

0.6

exploitability

5.2

remediation

7.7

relevance

0.9

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

5.0

impact

0.6

exploitability

5.2

remediation

7.7

relevance

0.9

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

JetBrains YouTrack Improper Access Control Vulnerability Allowing Modification of MCP Tool Logic

Vulnerability

Impact

Remediation

Affected Products

JetBrains YouTrack

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating