183 results (0.128 seconds)

CVSS: 3.5EPSS: 0%CPEs: 1EXPL: 0

In JetBrains TeamCity before 2024.07.3 stored XSS was possible via server global settings • https://www.jetbrains.com/privacy-security/issues-fixed • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 3.5EPSS: 0%CPEs: 1EXPL: 0

In JetBrains TeamCity before 2024.07.3 stored XSS was possible in Backup configuration settings • https://www.jetbrains.com/privacy-security/issues-fixed • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 4.9EPSS: 0%CPEs: 1EXPL: 0

In JetBrains TeamCity before 2024.07.3 path traversal allowed backup file write to arbitrary location • https://www.jetbrains.com/privacy-security/issues-fixed • CWE-23: Relative Path Traversal •

CVSS: 4.9EPSS: 0%CPEs: 1EXPL: 0

In JetBrains TeamCity before 2024.07.3 path traversal leading to information disclosure was possible via server backups • https://www.jetbrains.com/privacy-security/issues-fixed • CWE-23: Relative Path Traversal •

CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0

In JetBrains TeamCity before 2024.07.3 password could be exposed via Sonar runner REST API • https://www.jetbrains.com/privacy-security/issues-fixed • CWE-522: Insufficiently Protected Credentials •