CVE-2019-19704 — CVSS 7.5 (high): In JetBrains Upsource before 2020.1, information disclosure is possible because of an incorrect user matching algorithm.
CVE-2019-14961 — CVSS 6.1 (medium): JetBrains Upsource before 2019.1.1412 was not properly escaping HTML tags in a code block comments, leading to XSS.
CVE-2019-12156 — CVSS 5.3 (medium): Server metadata could be exposed because one of the error messages reflected the whole response back to the client in JetBrains TeamCity…