CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2019-15037
https://notcve.org/view.php?id=CVE-2019-15037
An issue was discovered in JetBrains TeamCity 2018.2.4. It had several XSS vulnerabilities on the settings pages. The issues were fixed in TeamCity 2019.1. Se detectó un problema en JetBrains TeamCity versión 2018.2.4. Presentaba varias vulnerabilidades de tipo XSS en las páginas de configuración. • https://blog.jetbrains.com/blog/2019/09/26/jetbrains-security-bulletin-q2-2019 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2019-15040
https://notcve.org/view.php?id=CVE-2019-15040
JetBrains YouTrack versions before 2019.1 had a CSRF vulnerability on the settings page. JetBrains YouTrack versiones anteriores a 2019.1, presentaban una vulnerabilidad de tipo CSRF en la página de configuración. • https://blog.jetbrains.com/blog/2019/09/26/jetbrains-security-bulletin-q2-2019 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2019-16171
https://notcve.org/view.php?id=CVE-2019-16171
In JetBrains YouTrack through 2019.2.56594, stored XSS was found on the issue page. En JetBrains YouTrack versiones hasta 2019.2.56594, se encontró una vulnerabilidad de tipo XSS almacenado en la página del asunto. • https://blog.jetbrains.com/blog/2019/09/26/jetbrains-security-bulletin-q2-2019 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.3EPSS: 0%CPEs: 1EXPL: 0CVE-2019-16407
https://notcve.org/view.php?id=CVE-2019-16407
JetBrains ReSharper installers for versions before 2019.2 had a DLL Hijacking vulnerability. Los instaladores de JetBrains ReSharper para versiones anteriores a 2019.2, presentaban una vulnerabilidad de Secuestro de DLL. • https://blog.jetbrains.com/blog/2019/09/26/jetbrains-security-bulletin-q2-2019 • CWE-427: Uncontrolled Search Path Element •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2019-15041
https://notcve.org/view.php?id=CVE-2019-15041
JetBrains YouTrack versions before 2019.1.52545 allowed unbounded URL whitelisting because of Inclusion of Functionality from an Untrusted Control Sphere. JetBrains YouTrack versiones anteriores a 2019.1.52545, permitieron una lista blanca de la URL sin límites debido a la Inclusión de la Funcionalidad de una Esfera de Control no Confiable. • https://blog.jetbrains.com/blog/2019/09/26/jetbrains-security-bulletin-q2-2019 • CWE-601: URL Redirection to Untrusted Site ('Open Redirect') •