CVE-2022-25262

CRITICAL

JetBrains Hub < 2022.1.14434 - SAML Request Takeover via Insufficient Verification of Data Authenticity

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2022-25262, a PoC published by yuriisanin.

AI-analyzed exploit summary: This PoC exploits CVE-2022-25262, a vulnerability in JetBrains Hub allowing single-click SAML response takeover via OAuth2 authorization code manipulation. The exploit leverages the YouTrack Konnector service to intercept authorization codes and craft malicious SAML responses.

Description

In JetBrains Hub before 2022.1.14434, SAML request takeover was possible.

Exploits (1)

nomisec · Working PoC · 16 stars
by yuriisanin · poc
https://github.com/yuriisanin/CVE-2022-25262


Classification: Working PoC 100%
Attack Type: Auth Bypass
Complexity: Moderate
Reliability: Reliable
Target: JetBrains Hub < 2022.1.14434
Authentication: No auth needed
Prerequisites: JetBrains Hub configured as SAML IdP · YouTrack Konnector service installed · Victim with active Hub session
Analyzed by devstral-2 on Feb 16, 2026

References (2)

Vendor Advisory (x_refsource_misc): https://blog.jetbrains.com

Scores

CVSS v3: 9.8
EPSS: 0.0142
EPSS Percentile: 69.3%
Attack Vector: NETWORK
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE: CWE-345
Status: published
Products (1): jetbrains/hub < 2022.1.14434
Published: Feb 25, 2022
Tracked Since: Feb 18, 2026