CVE-2024-36366
https://notcve.org/view.php?id=CVE-2024-36366
In JetBrains TeamCity before 2022.04.7, 2022.10.6, 2023.05.6, 2023.11.5 an XSS could be executed via certain report grouping and filtering operations En JetBrains TeamCity antes de 2022.04.6, 2022.10.5, 2023.05.5, 2023.11.5 se podía ejecutar un XSS a través de ciertas operaciones de filtrado y agrupación de informes. • https://www.jetbrains.com/privacy-security/issues-fixed • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2024-36365
https://notcve.org/view.php?id=CVE-2024-36365
In JetBrains TeamCity before 2022.04.7, 2022.10.6, 2023.05.6, 2023.11.5, 2024.03.2 a third-party agent could impersonate a cloud agent En JetBrains TeamCity antes de 2022.04.6, 2022.10.5, 2023.05.5, 2023.11.5, 2024.03.2, un agente externo podría hacerse pasar por un agente en la nube. • https://www.jetbrains.com/privacy-security/issues-fixed • CWE-863: Incorrect Authorization •
CVE-2024-36364
https://notcve.org/view.php?id=CVE-2024-36364
In JetBrains TeamCity before 2022.04.7, 2022.10.6, 2023.05.6, 2023.11.5 improper access control in Pull Requests and Commit status publisher build features was possible En JetBrains TeamCity antes de 2022.04.6, 2022.10.5, 2023.05.5, 2023.11.5 era posible un control de acceso inadecuado en las funciones de compilación del editor de estado de confirmación y solicitudes de extracción • https://www.jetbrains.com/privacy-security/issues-fixed • CWE-863: Incorrect Authorization •
CVE-2024-36363
https://notcve.org/view.php?id=CVE-2024-36363
In JetBrains TeamCity before 2022.04.7, 2022.10.6, 2023.05.6, 2023.11.5 several Stored XSS in code inspection reports were possible En JetBrains TeamCity antes de 2022.04.6, 2022.10.5, 2023.05.5, 2023.11.5 eran posibles varios XSS almacenados en informes de inspección de código. • https://www.jetbrains.com/privacy-security/issues-fixed • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2024-36362
https://notcve.org/view.php?id=CVE-2024-36362
In JetBrains TeamCity before 2022.04.7, 2022.10.6, 2023.05.6, 2023.11.5, 2024.03.2 path traversal allowing to read files from server was possible En JetBrains TeamCity antes de 2022.04.6, 2022.10.5, 2023.05.5, 2023.11.5, 2024.03.2 era posible path traversal permitiendo leer archivos del servidor • https://www.jetbrains.com/privacy-security/issues-fixed • CWE-23: Relative Path Traversal •