Page 19 of 431 results (0.007 seconds)

CVSS: 9.1EPSS: 0%CPEs: 1EXPL: 0

In JetBrains Ktor before 2.3.5 server certificates were not verified En JetBrains Ktor anterior a 2.3.5, los certificados de servidor no se verificaban • https://www.jetbrains.com/privacy-security/issues-fixed • CWE-295: Improper Certificate Validation •

CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0

In JetBrains Ktor before 2.3.5 default configuration of ContentNegotiation with XML format was vulnerable to XXE En JetBrains Ktor anterior a 2.3.5, la configuración predeterminada de ContentNegotiation con formato XML era vulnerable a XXE • https://www.jetbrains.com/privacy-security/issues-fixed • CWE-611: Improper Restriction of XML External Entity Reference •

CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 0

In JetBrains TeamCity before 2023.05.4 stored XSS was possible during nodes configuration En JetBrains TeamCity antes de 2023.05.4, era posible almacenar XSS durante la configuración de los nodos • https://www.jetbrains.com/privacy-security/issues-fixed • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 9.8EPSS: 97%CPEs: 1EXPL: 10

In JetBrains TeamCity before 2023.05.4 authentication bypass leading to RCE on TeamCity Server was possible En JetBrains TeamCity antes de la versión 2023.05.4, era posible omitir la autenticación que conducía a RCE en TeamCity Server JetBrains TeamCity version 2023.05.3 suffers from a remote code execution vulnerability. JetBrains TeamCity contains an authentication bypass vulnerability that allows for remote code execution on TeamCity Server. • https://www.exploit-db.com/exploits/51884 https://github.com/H454NSec/CVE-2023-42793 https://github.com/Zyad-Elsayed/CVE-2023-42793 https://github.com/junnythemarksman/CVE-2023-42793 https://github.com/Zenmovie/CVE-2023-42793 https://github.com/hotplugin0x01/CVE-2023-42793 https://github.com/HusenjanDev/CVE-2023-42793 https://github.com/FlojBoj/CVE-2023-42793 https://github.com/whoamins/CVE-2023-42793 http://packetstormsecurity.com/files/174860/JetBrains-TeamCity-Unauthenticated-Remote& • CWE-288: Authentication Bypass Using an Alternate Path or Channel •

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0

In JetBrains TeamCity before 2023.05.3 reflected XSS was possible during user registration En TeamCity de JetBrains antes de 2023.05.3 era posible realizar un Cross-Site Scripting (XSS) Reflejado durante el registro de usuario. • https://www.jetbrains.com/privacy-security/issues-fixed • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •