CVSS: 4.6EPSS: 24%CPEs: 1EXPL: 0CVE-2024-36374
https://notcve.org/view.php?id=CVE-2024-36374
29 May 2024 — In JetBrains TeamCity before 2024.03.2 stored XSS via build step settings was possible En JetBrains TeamCity antes de 2024.03.2 era posible XSS almacenado a través de la configuración de pasos de compilación • https://www.jetbrains.com/privacy-security/issues-fixed • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.6EPSS: 34%CPEs: 1EXPL: 0CVE-2024-36373
https://notcve.org/view.php?id=CVE-2024-36373
29 May 2024 — In JetBrains TeamCity before 2024.03.2 several stored XSS in untrusted builds settings were possible En JetBrains TeamCity antes de 2024.03.2, era posible varios XSS almacenados en configuraciones de compilaciones que no eran de confianza • https://www.jetbrains.com/privacy-security/issues-fixed • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.6EPSS: 24%CPEs: 1EXPL: 0CVE-2024-36372
https://notcve.org/view.php?id=CVE-2024-36372
29 May 2024 — In JetBrains TeamCity before 2023.05.6 reflected XSS on the subscriptions page was possible En JetBrains TeamCity antes del 2023.05.5 era posible XSS reflejado en la página de suscripciones • https://www.jetbrains.com/privacy-security/issues-fixed • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 34%CPEs: 2EXPL: 0CVE-2024-36371
https://notcve.org/view.php?id=CVE-2024-36371
29 May 2024 — In JetBrains TeamCity before 2023.05.6, 2023.11.5 stored XSS in Commit status publisher was possible En JetBrains TeamCity antes de 2023.05.5, era posible XSS almacenado en 2023.11.5 en el estado de confirmación del editor • https://www.jetbrains.com/privacy-security/issues-fixed • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.6EPSS: 44%CPEs: 4EXPL: 0CVE-2024-36370
https://notcve.org/view.php?id=CVE-2024-36370
29 May 2024 — In JetBrains TeamCity before 2022.04.7, 2022.10.6, 2023.05.6, 2023.11.5 stored XSS via OAuth connection settings was possible En JetBrains TeamCity antes de 2022.04.6, 2022.10.5, 2023.05.5, 2023.11.5 era posible XSS almacenado a través de la configuración de conexión OAuth • https://www.jetbrains.com/privacy-security/issues-fixed • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.6EPSS: 55%CPEs: 4EXPL: 0CVE-2024-36369
https://notcve.org/view.php?id=CVE-2024-36369
29 May 2024 — In JetBrains TeamCity before 2022.04.7, 2022.10.6, 2023.05.6, 2023.11.5 stored XSS via issue tracker integration was possible En JetBrains TeamCity antes de 2022.04.6, 2022.10.5, 2023.05.5, 2023.11.5 era posible XSS almacenado mediante la integración del rastreador de problemas • https://www.jetbrains.com/privacy-security/issues-fixed • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.6EPSS: 1%CPEs: 4EXPL: 0CVE-2024-36368
https://notcve.org/view.php?id=CVE-2024-36368
29 May 2024 — In JetBrains TeamCity before 2022.04.7, 2022.10.6, 2023.05.6, 2023.11.5 reflected XSS via OAuth provider configuration was possible En JetBrains TeamCity antes de 2022.04.6, 2022.10.5, 2023.05.5, 2023.11.5 XSS reflejado a través de la configuración del proveedor OAuth era posible • https://www.jetbrains.com/privacy-security/issues-fixed • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.6EPSS: 44%CPEs: 4EXPL: 0CVE-2024-36367
https://notcve.org/view.php?id=CVE-2024-36367
29 May 2024 — In JetBrains TeamCity before 2022.04.7, 2022.10.6, 2023.05.6, 2023.11.5 stored XSS via third-party reports was possible En JetBrains TeamCity antes de 2022.04.6, 2022.10.5, 2023.05.5, 2023.11.5 era posible XSS almacenado a través de informes de terceros. • https://www.jetbrains.com/privacy-security/issues-fixed • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 12%CPEs: 4EXPL: 0CVE-2024-36366
https://notcve.org/view.php?id=CVE-2024-36366
29 May 2024 — In JetBrains TeamCity before 2022.04.7, 2022.10.6, 2023.05.6, 2023.11.5 an XSS could be executed via certain report grouping and filtering operations En JetBrains TeamCity antes de 2022.04.6, 2022.10.5, 2023.05.5, 2023.11.5 se podía ejecutar un XSS a través de ciertas operaciones de filtrado y agrupación de informes. • https://www.jetbrains.com/privacy-security/issues-fixed • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.8EPSS: 0%CPEs: 5EXPL: 0CVE-2024-36365
https://notcve.org/view.php?id=CVE-2024-36365
29 May 2024 — In JetBrains TeamCity before 2022.04.7, 2022.10.6, 2023.05.6, 2023.11.5, 2024.03.2 a third-party agent could impersonate a cloud agent En JetBrains TeamCity antes de 2022.04.6, 2022.10.5, 2023.05.5, 2023.11.5, 2024.03.2, un agente externo podría hacerse pasar por un agente en la nube. • https://www.jetbrains.com/privacy-security/issues-fixed • CWE-863: Incorrect Authorization •