CVE-2022-48343
https://notcve.org/view.php?id=CVE-2022-48343
In JetBrains TeamCity before 2022.10.2 there was an XSS vulnerability in the user creation process. • https://www.jetbrains.com/privacy-security/issues-fixed • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2022-48342
https://notcve.org/view.php?id=CVE-2022-48342
In JetBrains TeamCity before 2022.10.2 jVMTI was enabled by default on agents. • https://www.jetbrains.com/privacy-security/issues-fixed • CWE-1188: Initialization of a Resource with an Insecure Default •
CVE-2022-44624
https://notcve.org/view.php?id=CVE-2022-44624
In JetBrains TeamCity version before 2022.10, Password parameters could be exposed in the build log if they contained special characters En la versión JetBrains TeamCity anterior a 2022.10, los parámetros de contraseña podían quedar expuestos en el registro de compilación si contenían caracteres especiales. • https://www.jetbrains.com/privacy-security/issues-fixed • CWE-532: Insertion of Sensitive Information into Log File •
CVE-2022-44646
https://notcve.org/view.php?id=CVE-2022-44646
In JetBrains TeamCity version before 2022.10, no audit items were added upon editing a user's settings En la versión JetBrains TeamCity anterior a 2022.10, no se agregaron elementos de auditoría al editar la configuración de un usuario • https://www.jetbrains.com/privacy-security/issues-fixed • CWE-223: Omission of Security-relevant Information •
CVE-2022-44623
https://notcve.org/view.php?id=CVE-2022-44623
In JetBrains TeamCity version before 2022.10, Project Viewer could see scrambled secure values in the MetaRunner settings En la versión JetBrains TeamCity anterior a 2022.10, Project Viewer podía ver valores seguros codificados en la configuración de MetaRunner. • https://www.jetbrains.com/privacy-security/issues-fixed • CWE-538: Insertion of Sensitive Information into Externally-Accessible File or Directory •