CVE-2022-24332
https://notcve.org/view.php?id=CVE-2022-24332
In JetBrains TeamCity before 2021.2, a logout action didn't remove a Remember Me cookie. En JetBrains TeamCity versiones anteriores a 2021.2, una acción de cierre de sesión no eliminaba una cookie Remember Me. • https://blog.jetbrains.com https://blog.jetbrains.com/blog/2022/02/08/jetbrains-security-bulletin-q4-2021 • CWE-613: Insufficient Session Expiration •
CVE-2022-24331
https://notcve.org/view.php?id=CVE-2022-24331
In JetBrains TeamCity before 2021.1.4, GitLab authentication impersonation was possible. En JetBrains TeamCity versiones anteriores a 2021.1.4, era posible una suplantación de la autenticación de GitLab. • https://blog.jetbrains.com https://blog.jetbrains.com/blog/2022/02/08/jetbrains-security-bulletin-q4-2021 •
CVE-2022-24330
https://notcve.org/view.php?id=CVE-2022-24330
In JetBrains TeamCity before 2021.2.1, a redirection to an external site was possible. En JetBrains TeamCity versiones anteriores a 2021.2.1, era posible un redireccionamiento a un sitio externo. • https://blog.jetbrains.com https://blog.jetbrains.com/blog/2022/02/08/jetbrains-security-bulletin-q4-2021 • CWE-601: URL Redirection to Untrusted Site ('Open Redirect') •
CVE-2021-43202
https://notcve.org/view.php?id=CVE-2021-43202
In JetBrains TeamCity before 2021.1.3, the X-Frame-Options header is missing in some cases. En JetBrains TeamCity versiones anteriores a 2021.1.3, el encabezado X-Frame-Options falta en algunos casos • https://blog.jetbrains.com/blog/2021/11/08/jetbrains-security-bulletin-q3-2021 •
CVE-2021-43194
https://notcve.org/view.php?id=CVE-2021-43194
In JetBrains TeamCity before 2021.1.2, user enumeration was possible. En JetBrains TeamCity versiones anteriores a 2021.1.2, era posible una enumeración de usuarios • https://blog.jetbrains.com/blog/2021/11/08/jetbrains-security-bulletin-q3-2021 •