The two vulnerabilities, reported by Rapid7 in late February, would enable an attacker to bypass authentication checks and gain administrative control.
For users unable to update to version 2023.11.4, JetBrains released a security patch plugin for mitigation.