Page 21 of 194 results (0.002 seconds)

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0

In JetBrains TeamCity before 2022.04 reflected XSS on the Build Chain Status page was possible En JetBrains TeamCity versiones anteriores a 2022.04, era posible un ataque de tipo XSS reflejado en la página Build Chain Status • https://www.jetbrains.com/privacy-security/issues-fixed • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0

JetBrains TeamCity before 2021.2.2 was vulnerable to reflected XSS. JetBrains TeamCity antes de 2021.2.2, era vulnerable a un ataque de tipo XSS reflejado. • https://blog.jetbrains.com https://www.jetbrains.com/privacy-security/issues-fixed • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0

JetBrains TeamCity before 2021.2.3 was vulnerable to OS command injection in the Agent Push feature configuration. JetBrains TeamCity antes de 2021.2.3, era vulnerable a una inyección de comandos del Sistema Operativo en la configuración de la función Agent Push. • https://blog.jetbrains.com https://www.jetbrains.com/privacy-security/issues-fixed • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0

In JetBrains TeamCity before 2021.2.3, environment variables of the "password" type could be logged in some cases. En JetBrains TeamCity antes de 2021.2.3, las variables de entorno del tipo "password" podían registrarse en algunos casos. • https://blog.jetbrains.com https://www.jetbrains.com/privacy-security/issues-fixed • CWE-922: Insecure Storage of Sensitive Information •

CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1

In JetBrains TeamCity before 2021.2.1, URL injection leading to CSRF was possible. En JetBrains TeamCity versiones anteriores a 2021.2.1, era posible una inyección de URL que conllevaba a un ataque de tipo CSRF. • https://github.com/yuriisanin/CVE-2022-24342 https://blog.jetbrains.com https://blog.jetbrains.com/blog/2022/02/08/jetbrains-security-bulletin-q4-2021 • CWE-352: Cross-Site Request Forgery (CSRF) •