Page 22 of 194 results (0.004 seconds)

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0

In JetBrains TeamCity before 2021.2.1, editing a user account to change its password didn't terminate sessions of the edited user. En JetBrains TeamCity versiones anteriores a 2021.2.1, la edición de una cuenta de usuario para cambiar su contraseña no terminaba las sesiones del usuario editado. • https://blog.jetbrains.com https://blog.jetbrains.com/blog/2022/02/08/jetbrains-security-bulletin-q4-2021 • CWE-613: Insufficient Session Expiration •

CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0

In JetBrains TeamCity before 2021.2.1, XXE during the parsing of the configuration file was possible. En JetBrains TeamCity versiones anteriores a 2021.2.1, era posible que se produjera un error de tipo XXE durante el análisis del archivo de configuración. • https://blog.jetbrains.com https://blog.jetbrains.com/blog/2022/02/08/jetbrains-security-bulletin-q4-2021 • CWE-611: Improper Restriction of XML External Entity Reference •

CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 0

JetBrains TeamCity before 2021.2.1 was vulnerable to stored XSS. JetBrains TeamCity versiones anteriores a 2021.2.1 era vulnerable a un ataque de tipo XSS almacenado. • https://blog.jetbrains.com https://blog.jetbrains.com/blog/2022/02/08/jetbrains-security-bulletin-q4-2021 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0

JetBrains TeamCity before 2021.2.1 was vulnerable to reflected XSS. JetBrains TeamCity versiones anteriores a 2021.2.1 era vulnerable a un ataque de tipo XSS reflejado. • https://blog.jetbrains.com https://blog.jetbrains.com/blog/2022/02/08/jetbrains-security-bulletin-q4-2021 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0

In JetBrains TeamCity before 2021.2, health items of pull requests were shown to users who lacked appropriate permissions. En JetBrains TeamCity versiones anteriores a 2021.2, los elementos de salud de las peticiones de extracción eran mostrados a usuarios que carecían de los permisos apropiados. • https://blog.jetbrains.com https://blog.jetbrains.com/blog/2022/02/08/jetbrains-security-bulletin-q4-2021 • CWE-276: Incorrect Default Permissions •