Show filters
211 Total Results
Displaying 71-80 of 211
Sort by:
Attacker Value
Unknown

CVE-2024-24936

Disclosure Date: February 06, 2024 (last updated February 09, 2024)
In JetBrains TeamCity before 2023.11.2 access control at the S3 Artifact Storage plugin endpoint was missed
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2023-50870

Disclosure Date: December 15, 2023 (last updated December 20, 2023)
In JetBrains TeamCity before 2023.11.1 a CSRF on login was possible
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2023-43566

Disclosure Date: September 19, 2023 (last updated October 08, 2023)
In JetBrains TeamCity before 2023.05.4 stored XSS was possible during nodes configuration
Attack Vector: NetworkPrivileges: LowUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2023-41250

Disclosure Date: August 25, 2023 (last updated October 08, 2023)
In JetBrains TeamCity before 2023.05.3 reflected XSS was possible during user registration
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2023-41249

Disclosure Date: August 25, 2023 (last updated October 08, 2023)
In JetBrains TeamCity before 2023.05.3 reflected XSS was possible during copying Build Step
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2023-41248

Disclosure Date: August 25, 2023 (last updated October 08, 2023)
In JetBrains TeamCity before 2023.05.3 stored XSS was possible during Cloud Profiles configuration
Attack Vector: NetworkPrivileges: LowUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2023-39175

Disclosure Date: July 25, 2023 (last updated October 08, 2023)
In JetBrains TeamCity before 2023.05.2 reflected XSS via GitHub integration was possible
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2023-39174

Disclosure Date: July 25, 2023 (last updated October 08, 2023)
In JetBrains TeamCity before 2023.05.2 a ReDoS attack was possible via integration with issue trackers
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2023-39173

Disclosure Date: July 25, 2023 (last updated October 08, 2023)
In JetBrains TeamCity before 2023.05.2 a token with limited permissions could be used to gain full account access
Attack Vector: NetworkPrivileges: LowUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2023-38067

Disclosure Date: July 12, 2023 (last updated October 08, 2023)
In JetBrains TeamCity before 2023.05.1 build parameters of the "password" type could be written to the agent log
Attack Vector: NetworkPrivileges: LowUser Interaction: None
0
0
View More Topics  < Previous  Next >