CVSS: 4.6EPSS: 0%CPEs: 4EXPL: 0CVE-2024-36369
https://notcve.org/view.php?id=CVE-2024-36369
In JetBrains TeamCity before 2022.04.7, 2022.10.6, 2023.05.6, 2023.11.5 stored XSS via issue tracker integration was possible En JetBrains TeamCity antes de 2022.04.6, 2022.10.5, 2023.05.5, 2023.11.5 era posible XSS almacenado mediante la integración del rastreador de problemas • https://www.jetbrains.com/privacy-security/issues-fixed • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.6EPSS: 0%CPEs: 4EXPL: 0CVE-2024-36368
https://notcve.org/view.php?id=CVE-2024-36368
In JetBrains TeamCity before 2022.04.7, 2022.10.6, 2023.05.6, 2023.11.5 reflected XSS via OAuth provider configuration was possible En JetBrains TeamCity antes de 2022.04.6, 2022.10.5, 2023.05.5, 2023.11.5 XSS reflejado a través de la configuración del proveedor OAuth era posible • https://www.jetbrains.com/privacy-security/issues-fixed • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.6EPSS: 0%CPEs: 4EXPL: 0CVE-2024-36367
https://notcve.org/view.php?id=CVE-2024-36367
In JetBrains TeamCity before 2022.04.7, 2022.10.6, 2023.05.6, 2023.11.5 stored XSS via third-party reports was possible En JetBrains TeamCity antes de 2022.04.6, 2022.10.5, 2023.05.5, 2023.11.5 era posible XSS almacenado a través de informes de terceros. • https://www.jetbrains.com/privacy-security/issues-fixed • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 4EXPL: 0CVE-2024-36366
https://notcve.org/view.php?id=CVE-2024-36366
In JetBrains TeamCity before 2022.04.7, 2022.10.6, 2023.05.6, 2023.11.5 an XSS could be executed via certain report grouping and filtering operations En JetBrains TeamCity antes de 2022.04.6, 2022.10.5, 2023.05.5, 2023.11.5 se podía ejecutar un XSS a través de ciertas operaciones de filtrado y agrupación de informes. • https://www.jetbrains.com/privacy-security/issues-fixed • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.8EPSS: 0%CPEs: 5EXPL: 0CVE-2024-36365
https://notcve.org/view.php?id=CVE-2024-36365
In JetBrains TeamCity before 2022.04.7, 2022.10.6, 2023.05.6, 2023.11.5, 2024.03.2 a third-party agent could impersonate a cloud agent En JetBrains TeamCity antes de 2022.04.6, 2022.10.5, 2023.05.5, 2023.11.5, 2024.03.2, un agente externo podría hacerse pasar por un agente en la nube. • https://www.jetbrains.com/privacy-security/issues-fixed • CWE-863: Incorrect Authorization •