Page 82 of 432 results (0.013 seconds)

CVSS: 9.8EPSS: 16%CPEs: 1EXPL: 1

An issue was discovered in JetBrains TeamCity 2018.2.4. It had a possible remote code execution issue. This was fixed in TeamCity 2019.1. Se descubrió in JetBrains TeamCity 2018,2,4. Tenía un posible problema de ejecución de código remoto. • https://www.exploit-db.com/exploits/47891 http://packetstormsecurity.com/files/155874/JetBrains-TeamCity-2018.2.4-Remote-Code-Execution.html https://blog.jetbrains.com/blog/2019/09/26/jetbrains-security-bulletin-q2-2019 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •

CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 0

JetBrains TeamCity 2019.1 and 2019.1.1 allows cross-site scripting (XSS), potentially making it possible to send an arbitrary HTTP request to a TeamCity server under the name of the currently logged-in user. JetBrains TeamCity 2019.1 y 2019.1.1 permite Cross-Site Scripting (XSS), lo que posiblemente permite enviar una petición HTTP arbitraria a un servidor TeamCity con el nombre del usuario actualmente registrado. • https://blog.jetbrains.com/teamcity/2019/09/important-security-notice-xss-vulnerability-allowing-rce https://gist.github.com/JLLeitschuh/fe6784391254b58de680bbda78a04a70 https://twitter.com/JLLeitschuh/status/1169332316612644864?s=20 https://www.softwaresecured.com/jetbrains-teamcity-reflected-xss • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0

An SSRF attack was possible on a JetBrains YouTrack server. The issue (1 of 2) was fixed in JetBrains YouTrack 2018.4.49168. Un ataque SSRF fue posible en un servidor YouTrack de JetBrains. El problema (1 de 2) se solucionó en JetBrains YouTrack versión 2018.4.49168. • https://blog.jetbrains.com/blog/2019/06/19/jetbrains-security-bulletin-q1-2019 • CWE-918: Server-Side Request Forgery (SSRF) •

CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0

A user without the required permissions could gain access to some JetBrains TeamCity settings. The issue was fixed in TeamCity 2018.2.2. Un usuario sin los permisos necesarios podría obtener acceso a algunas configuraciones de TeamBity de JetBrains. El problema se solucionó en TeamCity 02.02.2018. • https://blog.jetbrains.com/blog/2019/06/19/jetbrains-security-bulletin-q1-2019 •

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0

A reflected XSS on a user page was detected on one of the JetBrains TeamCity pages. The issue was fixed in TeamCity 2018.2.2. Se detectó un Cross-Site Scripting (XSS) reflejado en una página de usuario en una de las páginas TeamBity de JetBrains. El problema se solucionó en TeamCity 02.02.2018. • https://blog.jetbrains.com/blog/2019/06/19/jetbrains-security-bulletin-q1-2019 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •