CVE-2021-43198
https://notcve.org/view.php?id=CVE-2021-43198
In JetBrains TeamCity before 2021.1.2, stored XSS is possible. En JetBrains TeamCity versiones anteriores a 2021.1.2, un ataque de tipo XSS almacenado es posible • https://blog.jetbrains.com/blog/2021/11/08/jetbrains-security-bulletin-q3-2021 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2021-43200
https://notcve.org/view.php?id=CVE-2021-43200
In JetBrains TeamCity before 2021.1.2, permission checks in the Agent Push functionality were insufficient. En JetBrains TeamCity versiones anteriores a 2021.1.2, las comprobaciones de permisos en la funcionalidad Agent Push eran insuficientes • https://blog.jetbrains.com/blog/2021/11/08/jetbrains-security-bulletin-q3-2021 •
CVE-2021-43201
https://notcve.org/view.php?id=CVE-2021-43201
In JetBrains TeamCity before 2021.1.3, a newly created project could take settings from an already deleted project. En JetBrains TeamCity versiones anteriores a 2021.1.3, un proyecto recién creado podía tomar la configuración de un proyecto ya eliminado • https://blog.jetbrains.com/blog/2021/11/08/jetbrains-security-bulletin-q3-2021 •
CVE-2021-37548
https://notcve.org/view.php?id=CVE-2021-37548
In JetBrains TeamCity before 2021.1, passwords in cleartext sometimes could be stored in VCS. En JetBrains TeamCity versiones anteriores a 2021.1, unas contraseñas en texto sin cifrar a veces podían ser almacenados en VCS • https://blog.jetbrains.com/blog/2021/08/05/jetbrains-security-bulletin-q2-2021 • CWE-312: Cleartext Storage of Sensitive Information •
CVE-2021-37547
https://notcve.org/view.php?id=CVE-2021-37547
In JetBrains TeamCity before 2020.2.4, insufficient checks during file uploading were made. En JetBrains TeamCity versiones anteriores a 2020.2.4, las comprobaciones durante la carga de archivos eran insuficientes • https://blog.jetbrains.com/blog/2021/08/05/jetbrains-security-bulletin-q2-2021 •