CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2020-7911
https://notcve.org/view.php?id=CVE-2020-7911
In JetBrains TeamCity before 2019.2, several user-level pages were vulnerable to XSS. En JetBrains TeamCity versiones anteriores a 2019.2, varias páginas de nivel de usuario eran vulnerables a un ataque de tipo XSS. • https://blog.jetbrains.com https://blog.jetbrains.com/blog/2020/01/24/jetbrains-security-bulletin-q4-2019 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 0CVE-2020-7910
https://notcve.org/view.php?id=CVE-2020-7910
JetBrains TeamCity before 2019.2 was vulnerable to a stored XSS attack by a user with the developer role. JetBrains TeamCity versiones anteriores a 2019.2, era vulnerable a un ataque de tipo XSS almacenado por parte de un usuario con el rol de desarrollador. • https://blog.jetbrains.com https://blog.jetbrains.com/blog/2020/01/24/jetbrains-security-bulletin-q4-2019 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2020-7909
https://notcve.org/view.php?id=CVE-2020-7909
In JetBrains TeamCity before 2019.1.5, some server-stored passwords could be shown via the web UI. En JetBrains TeamCity versiones anteriores a 2019.1.5, algunas contraseñas almacenadas en servidor podrían ser mostradas por medio de la Interfaz de Usuario Web. • https://blog.jetbrains.com https://blog.jetbrains.com/blog/2020/01/24/jetbrains-security-bulletin-q4-2019 • CWE-522: Insufficiently Protected Credentials •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2020-7908
https://notcve.org/view.php?id=CVE-2020-7908
In JetBrains TeamCity before 2019.1.5, reverse tabnabbing was possible on several pages. En JetBrains TeamCity versiones anteriores a 2019.1.5, un ataque de tabnabbing inverso era posible en varias páginas. • https://blog.jetbrains.com https://blog.jetbrains.com/blog/2020/01/24/jetbrains-security-bulletin-q4-2019 • CWE-269: Improper Privilege Management •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2020-7906
https://notcve.org/view.php?id=CVE-2020-7906
In JetBrains Rider versions 2019.3 EAP2 through 2019.3 EAP7, there were unsigned binaries provided by the Windows installer. This issue was fixed in release version 2019.3. En JetBrains Rider versiones 2019.3 EAP2 hasta 2019.3 EAP7, se presentaron binarios no firmados provistos por parte del instalador de Windows. Este problema fue corregido en la publicación de la versión 2019.3. • https://blog.jetbrains.com https://blog.jetbrains.com/blog/2020/01/24/jetbrains-security-bulletin-q4-2019 • CWE-347: Improper Verification of Cryptographic Signature •