CVSS: 4.6EPSS: 0%CPEs: 4EXPL: 0CVE-2024-36368
https://notcve.org/view.php?id=CVE-2024-36368
In JetBrains TeamCity before 2022.04.7, 2022.10.6, 2023.05.6, 2023.11.5 reflected XSS via OAuth provider configuration was possible En JetBrains TeamCity antes de 2022.04.6, 2022.10.5, 2023.05.5, 2023.11.5 XSS reflejado a través de la configuración del proveedor OAuth era posible • https://www.jetbrains.com/privacy-security/issues-fixed • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.6EPSS: 0%CPEs: 4EXPL: 0CVE-2024-36367
https://notcve.org/view.php?id=CVE-2024-36367
In JetBrains TeamCity before 2022.04.7, 2022.10.6, 2023.05.6, 2023.11.5 stored XSS via third-party reports was possible En JetBrains TeamCity antes de 2022.04.6, 2022.10.5, 2023.05.5, 2023.11.5 era posible XSS almacenado a través de informes de terceros. • https://www.jetbrains.com/privacy-security/issues-fixed • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 4EXPL: 0CVE-2024-36366
https://notcve.org/view.php?id=CVE-2024-36366
In JetBrains TeamCity before 2022.04.7, 2022.10.6, 2023.05.6, 2023.11.5 an XSS could be executed via certain report grouping and filtering operations En JetBrains TeamCity antes de 2022.04.6, 2022.10.5, 2023.05.5, 2023.11.5 se podía ejecutar un XSS a través de ciertas operaciones de filtrado y agrupación de informes. • https://www.jetbrains.com/privacy-security/issues-fixed • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.8EPSS: 0%CPEs: 5EXPL: 0CVE-2024-36365
https://notcve.org/view.php?id=CVE-2024-36365
In JetBrains TeamCity before 2022.04.7, 2022.10.6, 2023.05.6, 2023.11.5, 2024.03.2 a third-party agent could impersonate a cloud agent En JetBrains TeamCity antes de 2022.04.6, 2022.10.5, 2023.05.5, 2023.11.5, 2024.03.2, un agente externo podría hacerse pasar por un agente en la nube. • https://www.jetbrains.com/privacy-security/issues-fixed • CWE-863: Incorrect Authorization •
CVSS: 6.5EPSS: 0%CPEs: 4EXPL: 0CVE-2024-36364
https://notcve.org/view.php?id=CVE-2024-36364
In JetBrains TeamCity before 2022.04.7, 2022.10.6, 2023.05.6, 2023.11.5 improper access control in Pull Requests and Commit status publisher build features was possible En JetBrains TeamCity antes de 2022.04.6, 2022.10.5, 2023.05.5, 2023.11.5 era posible un control de acceso inadecuado en las funciones de compilación del editor de estado de confirmación y solicitudes de extracción • https://www.jetbrains.com/privacy-security/issues-fixed • CWE-863: Incorrect Authorization •