vulnerability

JetBrains IntelliJ IDEA: CVE-2022-46827: An XXE attack leading to SSRF via requests to custom plugin repositories was possible (IDEA-302855)

Severity	CVSS	Published	Added	Modified
3	(AV:L/AC:M/Au:S/C:P/I:P/A:N)	Dec 8, 2022	Jan 29, 2025	Jul 29, 2025

Severity

CVSS

(AV:L/AC:M/Au:S/C:P/I:P/A:N)

Published

Dec 8, 2022

Added

Jan 29, 2025

Modified

Jul 29, 2025

Description

In JetBrains IntelliJ IDEA before 2022.3 an XXE attack leading to SSRF via requests to custom plugin repositories was possible.

jetbrains-intellij-idea-upgrade-latest

NEW

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.