Yurii Saninin · InfoSec Write-ups
Eye for an eye: Unusual single click JWT token takeover
This story is about an unusual open redirect misconfiguration I found in JetBrains Datalore.
3 min read · Sep 5, 2021

Yurii Saninin · MitmLab
How I found a primitive but critical broken access control vulnerability in YouTrack…
Here is a story about how I found a primitive but critical vulnerability in JetBrains YouTrack.
3 min read · Aug 24, 2021

Yurii Saninin · MitmLab
CVE-2020-15823: Server-Side Request Forgery (SSRF) in JetBrains YouTrack
More than a year ago I discovered a misconfiguration that leads to SSRF in YouTrack, and here are detailed steps on how I did it.
4 min read · Jan 6, 2022