CVE-2021-25765

8.8 HIGH

📋 TL;DR

This Cross-Site Request Forgery (CSRF) vulnerability in JetBrains YouTrack lets an attacker-controlled web page make a logged-in user's browser upload an attacker-chosen attachment to YouTrack without the user's knowledge. It affects YouTrack instances before version 2020.4.4701. The forged attachment appears to have been added by the victim, which undermines the integrity of issue data and can be used to seed further attacks.

💻 Affected Systems

Products:
  • JetBrains YouTrack
Versions: All versions before 2020.4.4701
Operating Systems: All
Default Config Vulnerable: ⚠️ Yes
Notes: Affects YouTrack deployments in their default configuration. The attacker needs no YouTrack account; the victim must be logged in to YouTrack in the same browser that is lured to the attacker's page.

📦 What is this software?

JetBrains YouTrack is an issue tracker and project management tool, offered as a self-hosted Standalone server and as the JetBrains-hosted InCloud service. Users attach files to issues through the web interface; that upload function is what this CVE abuses.

⚠️ Risk & Real-World Impact

🔴

Worst Case

An attacker plants arbitrary files in issues under a trusted user's identity, for example malware or phishing documents that other users open because they trust the apparent author. If downstream systems process or render attachments automatically, a forged upload could feed them hostile input. Nothing in the advisory indicates that the upload itself executes code on the YouTrack server or exfiltrates data.

🟠

Likely Case

Unwanted attachments added to issues under victims' names, used for data manipulation, phishing payload delivery, or clutter that disrupts normal YouTrack use.

🟢

If Mitigated

Upgrading to 2020.4.4701 or later removes the issue. Proxy-level checks of the Origin and Referer headers on upload requests shrink the attack surface of an unpatched instance but do not remove the underlying flaw.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires luring a user who is logged in to YouTrack to an attacker-controlled page, which then submits a forged upload request from the victim's browser carrying the victim's session cookie; the attacker needs no YouTrack account. Because the victim's browser makes the request, instances reachable only from an internal network are still exposed. No public exploit code is known.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 2020.4.4701 and later

Vendor Advisory: https://blog.jetbrains.com/blog/2021/02/03/jetbrains-security-bulletin-q4-2020/

Restart Required: Yes

Instructions:

1. Back up YouTrack data (database and attachment storage) before upgrading.
2. Download YouTrack 2020.4.4701 or later from the JetBrains website and install it over the existing Standalone instance following the vendor's upgrade procedure for your distribution.
3. Restart the YouTrack service.
4. Verify the update by checking the version shown in the admin interface.

YouTrack InCloud instances are hosted and updated by JetBrains; for those, confirm the running version rather than performing the steps above.

🔧 Temporary Workarounds

Enforce Origin/Referer checks at the reverse proxy

Applies to: all

YouTrack is a closed-source product, so CSRF tokens cannot be added to its upload endpoint directly. A reverse proxy or WAF in front of YouTrack can instead reject POST requests to the attachment upload endpoint whose Origin (or, failing that, Referer) header names a site other than the YouTrack host. Allow-list non-browser API clients, which send neither header.

Restrict attachment types

Applies to: all

Where your YouTrack version's admin settings or a proxy rule allow it, block potentially dangerous file types (e.g., .exe, .js). This limits what a forged upload can deliver but does not prevent the forged request itself.

🧯 If You Can't Patch

  • Put a Web Application Firewall (WAF) or reverse proxy in front of YouTrack that blocks cross-site POST requests to the attachment upload endpoint based on the Origin and Referer headers.
  • Isolate the YouTrack instance behind a VPN or restrict access to trusted users only. This limits who can be targeted, but it does not stop CSRF against users who are on the VPN and browsing the web at the same time.
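As a concrete form of the proxy-level workaround above, here is an added nginx configuration fragment; it is not from JetBrains or the advisory. It assumes YouTrack is reverse-proxied by nginx at youtrack.example.com and listens on 127.0.0.1:8080, and that the attachment upload endpoint path contains /attachments. Confirm the real upload path on your instance before deploying. The map block belongs in the http context.

```nginx
# Added example: reject cross-site POSTs to the (assumed) attachment upload
# endpoint. Not JetBrains configuration; host names and paths are assumptions.

# http context. $origin_allowed is 1 when the Origin header is absent or names
# our own site. Browsers send Origin on every cross-site POST, so a foreign
# Origin is the CSRF signature; an empty Origin is allowed so that
# non-browser API clients keep working.
map $http_origin $origin_allowed {
    default                          0;
    ""                               1;
    "https://youtrack.example.com"   1;
}

server {
    listen 443 ssl;
    server_name youtrack.example.com;
    # ssl_certificate / ssl_certificate_key omitted

    # Defence in depth (nginx 1.19.3 or later): flag every cookie YouTrack sets
    # as SameSite=Lax so browsers omit it from cross-site POSTs altogether.
    proxy_cookie_flags ~ samesite=lax;

    # Assumed upload path. Only a POST whose Origin is not allowed is blocked;
    # GET (downloads) and same-origin uploads pass through.
    location ~ /attachments {
        set $reject 0;
        if ($request_method = POST) { set $reject 1; }
        if ($origin_allowed)        { set $reject 0; }
        if ($reject)                { return 403; }
        proxy_pass http://127.0.0.1:8080;
        proxy_set_header Host $host;
    }

    location / {
        proxy_pass http://127.0.0.1:8080;
        proxy_set_header Host $host;
    }
}
```

The SameSite flag is the stronger of the two controls because it removes the session cookie from the forged request entirely, but it also affects any legitimate cross-site POST integration you may have; test those before enabling it. Log the 403s from this location so that blocked attempts show up in monitoring.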

🔍 How to Verify

Check if Vulnerable:

Check the YouTrack version in the admin dashboard or via the API; if below 2020.4.4701, it is vulnerable.

Check Version:

curl -s http://youtrack-instance/rest/admin/version | grep version

Verify Fix Applied:

Confirm the version is 2020.4.4701 or higher. In a controlled test environment, while logged in to YouTrack, submit a POST to the attachment upload endpoint from a page served by a different origin and confirm that the request is rejected.
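To make the version test mechanical across an inventory of instances, here is an added Python helper; it is not JetBrains code and not part of the advisory. It parses a YouTrack version string as displayed in the admin interface (for example 2020.3.6638) and compares it with the fixed build 2020.4.4701. It assumes YouTrack's year.major.build numbering and does not fetch the version itself.

```python
"""Version check for CVE-2021-25765 (JetBrains YouTrack CSRF via attachment upload).

Added example, not JetBrains code. Parses a YouTrack version string of the form
year.major.build (older releases before year-based numbering look like 7.0.31808)
and reports whether it is below the fixed build 2020.4.4701. Read the version from
the admin interface or the instance API; this module does not contact a server.
"""
import re

FIXED_VERSION = (2020, 4, 4701)

# Three dot-separated integers; tolerates surrounding text such as "YouTrack 2020.4.4701".
_VERSION_RE = re.compile(r"(\d+)\.(\d+)\.(\d+)")


def parse_version(text: str) -> tuple:
    """Return the first a.b.c version in ``text`` as a tuple of ints.

    Raises ValueError when no version is present, so callers cannot silently
    treat an unparsed string as 'not vulnerable'.
    """
    m = _VERSION_RE.search(text)
    if m is None:
        raise ValueError(f"no YouTrack version found in {text!r}")
    return tuple(int(part) for part in m.groups())


def is_vulnerable(version: str) -> bool:
    """True when the build is older than 2020.4.4701.

    Tuple comparison orders (year, major, build) lexicographically, which is how
    YouTrack builds are ordered; releases such as 7.0.x compare below 2020 and
    are correctly reported as affected.
    """
    return parse_version(version) < FIXED_VERSION


def report(version: str) -> str:
    """One-line verdict suitable for a ticket or inventory script."""
    if is_vulnerable(version):
        verdict = "VULNERABLE (upgrade to 2020.4.4701 or later)"
    else:
        verdict = "not affected"
    return f"{version.strip()}: {verdict}"


if __name__ == "__main__":
    for sample in ("2020.3.6638", "2020.4.4701", "2021.1.9819"):
        print(report(sample))
```

Feed it the string from the admin page or from whatever version endpoint your instance exposes; an unparseable string raises rather than returning a false "not affected".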

📡 Detection & Monitoring

Log Indicators:

  • Attachment uploads by a user from an IP address or user agent that does not match that user's normal activity
  • Uploads occurring shortly after users followed an external link (correlate with web proxy or mail gateway logs)
  • Note: a vulnerable YouTrack performs no CSRF check on this endpoint, so do not expect "failed CSRF validation" entries from YouTrack itself; such entries can only come from a proxy or WAF rule you added in front of it

Network Indicators:

  • HTTP POST requests to attachment endpoints whose Referer or Origin header is missing or names a site other than the YouTrack host

SIEM Query:

source="youtrack.log" AND ("attachment upload" OR "CSRF") AND status=200

Treat this query as a template: adjust the source, field names and message text to the log format actually produced by your YouTrack instance or reverse proxy, since it is not a known YouTrack log signature.
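The network indicator above can be checked directly against reverse-proxy access logs. The following is an added Python example (not part of the advisory, not YouTrack code) that scans nginx/Apache "combined"-format lines for successful POSTs to an attachment path whose Referer is missing or names a foreign site. It assumes the instance is served at youtrack.example.com and that the upload path contains /attachments; both are assumptions to adjust, and the log lines are constructed for the example.

```python
"""Flag possible cross-site attachment uploads in reverse-proxy access logs.

Added example, not from the advisory or JetBrains. Assumptions: YouTrack sits
behind a proxy writing the 'combined' log format (which records the Referer),
the instance host is youtrack.example.com, and the upload path contains
'/attachments' (confirm the real path on your instance). SAMPLE_LOG is constructed.
"""
import re
from urllib.parse import urlsplit

YOUTRACK_HOST = "youtrack.example.com"   # assumption: your instance's host name
UPLOAD_PATH_HINT = "/attachments"        # assumption: substring of the upload path

# combined format: ip - user [time] "METHOD path PROTO" status bytes "referer" "user-agent"
_LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ (?P<user>\S+) \[(?P<time>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) \S+ '
    r'"(?P<referer>[^"]*)" "(?P<ua>[^"]*)"'
)

# Constructed sample: one legitimate upload, one forged from a foreign page,
# one with no Referer at all, and one GET that must not be flagged.
SAMPLE_LOG = """\
203.0.113.5 - alice [03/Feb/2021:10:01:02 +0000] "POST /api/issues/DEMO-1/attachments HTTP/1.1" 200 512 "https://youtrack.example.com/issue/DEMO-1" "Mozilla/5.0"
203.0.113.5 - alice [03/Feb/2021:10:05:44 +0000] "POST /api/issues/DEMO-1/attachments HTTP/1.1" 200 2048 "https://evil.example.net/free-stuff.html" "Mozilla/5.0"
198.51.100.7 - bob [03/Feb/2021:10:06:10 +0000] "POST /api/issues/DEMO-2/attachments HTTP/1.1" 200 1024 "-" "Mozilla/5.0"
198.51.100.7 - bob [03/Feb/2021:10:07:00 +0000] "GET /api/issues/DEMO-2/attachments HTTP/1.1" 200 300 "-" "Mozilla/5.0"
"""


def parse_line(line: str):
    """Return the fields of one combined-format line, or None if it does not match."""
    m = _LINE_RE.match(line)
    return m.groupdict() if m else None


def is_suspicious_upload(rec: dict) -> bool:
    """True for a successful POST to the upload path whose Referer is absent or
    points at another site. A missing Referer is treated as suspicious because a
    same-origin browser upload normally carries one; legitimate non-browser API
    clients will also match and need allow-listing by user or source IP.
    """
    if rec["method"] != "POST" or UPLOAD_PATH_HINT not in rec["path"]:
        return False
    if not rec["status"].startswith("2"):
        return False   # rejected requests are not successful uploads
    ref = rec["referer"]
    if ref in ("", "-"):
        return True
    return urlsplit(ref).hostname != YOUTRACK_HOST


def find_suspicious(log_text: str) -> list:
    """Return (user, ip, referer) for every line that looks like a cross-site upload."""
    hits = []
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec and is_suspicious_upload(rec):
            hits.append((rec["user"], rec["ip"], rec["referer"]))
    return hits


if __name__ == "__main__":
    for user, ip, ref in find_suspicious(SAMPLE_LOG):
        print(f"possible cross-site upload by {user} from {ip}, referer={ref!r}")
```

If your proxy also logs the Origin header, prefer it over Referer: browsers always send Origin on cross-site POSTs, whereas Referer can be suppressed by referrer policy on the attacker's page, which is exactly why the missing-Referer case is flagged here.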
