Page 14 of 206 results (0.005 seconds)

CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0

In JetBrains TeamCity before 2023.11.1 a CSRF on login was possible En JetBrains TeamCity antes de 2023.11.1 era posible un CSRF al iniciar sesión • https://www.jetbrains.com/privacy-security/issues-fixed • CWE-352: Cross-Site Request Forgery (CSRF) •

CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 0

In JetBrains TeamCity before 2023.05.4 stored XSS was possible during nodes configuration En JetBrains TeamCity antes de 2023.05.4, era posible almacenar XSS durante la configuración de los nodos • https://www.jetbrains.com/privacy-security/issues-fixed • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 9.8EPSS: 97%CPEs: 1EXPL: 13

In JetBrains TeamCity before 2023.05.4 authentication bypass leading to RCE on TeamCity Server was possible En JetBrains TeamCity antes de la versión 2023.05.4, era posible omitir la autenticación que conducía a RCE en TeamCity Server JetBrains TeamCity version 2023.05.3 suffers from a remote code execution vulnerability. JetBrains TeamCity contains an authentication bypass vulnerability that allows for remote code execution on TeamCity Server. • https://www.exploit-db.com/exploits/51884 https://github.com/H454NSec/CVE-2023-42793 https://github.com/Zyad-Elsayed/CVE-2023-42793 https://github.com/junnythemarksman/CVE-2023-42793 https://github.com/Zenmovie/CVE-2023-42793 https://github.com/hotplugin0x01/CVE-2023-42793 https://github.com/HusenjanDev/CVE-2023-42793 https://github.com/FlojBoj/CVE-2023-42793 https://github.com/whoamins/CVE-2023-42793 https://github.com/johnossawy/CVE-2023-42793_POC https://github.com&# • CWE-288: Authentication Bypass Using an Alternate Path or Channel •

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0

In JetBrains TeamCity before 2023.05.3 reflected XSS was possible during user registration En TeamCity de JetBrains antes de 2023.05.3 era posible realizar un Cross-Site Scripting (XSS) Reflejado durante el registro de usuario. • https://www.jetbrains.com/privacy-security/issues-fixed • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0

In JetBrains TeamCity before 2023.05.3 reflected XSS was possible during copying Build Step En TeamCity de JetBrains antes de 2023.05.3 era posible realizar un Cross-Site Scripting (XSS) Reflejado durante la copia de Build Step. • https://www.jetbrains.com/privacy-security/issues-fixed • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •