Show filters
456 Total Results
Displaying 111-120 of 456
Sort by:
Attacker Value
Unknown

CVE-2024-24937

Disclosure Date: February 06, 2024 (last updated February 09, 2024)
In JetBrains TeamCity before 2023.11.2 stored XSS via agent distribution was possible
Attack Vector: NetworkPrivileges: LowUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2024-24936

Disclosure Date: February 06, 2024 (last updated February 09, 2024)
In JetBrains TeamCity before 2023.11.2 access control at the S3 Artifact Storage plugin endpoint was missed
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2024-22370

Disclosure Date: January 09, 2024 (last updated January 13, 2024)
In JetBrains YouTrack before 2023.3.22666 stored XSS via markdown was possible
Attack Vector: NetworkPrivileges: LowUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2023-51655

Disclosure Date: December 21, 2023 (last updated December 30, 2023)
In JetBrains IntelliJ IDEA before 2023.3.2 code execution was possible in Untrusted Project mode via a malicious plugin repository specified in the project configuration
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2023-50871

Disclosure Date: December 15, 2023 (last updated December 20, 2023)
In JetBrains YouTrack before 2023.3.22268 authorization check for inline comments inside thread replies was missed
Attack Vector: NetworkPrivileges: LowUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2023-50870

Disclosure Date: December 15, 2023 (last updated December 20, 2023)
In JetBrains TeamCity before 2023.11.1 a CSRF on login was possible
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2023-45613

Disclosure Date: October 09, 2023 (last updated October 13, 2023)
In JetBrains Ktor before 2.3.5 server certificates were not verified
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2023-45612

Disclosure Date: October 09, 2023 (last updated October 13, 2023)
In JetBrains Ktor before 2.3.5 default configuration of ContentNegotiation with XML format was vulnerable to XXE
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2023-43566

Disclosure Date: September 19, 2023 (last updated October 08, 2023)
In JetBrains TeamCity before 2023.05.4 stored XSS was possible during nodes configuration
Attack Vector: NetworkPrivileges: LowUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2023-41250

Disclosure Date: August 25, 2023 (last updated October 08, 2023)
In JetBrains TeamCity before 2023.05.3 reflected XSS was possible during user registration
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
0
0
View More Topics  < Previous  Next >