Show filters
211 Total Results
Displaying 91-100 of 211
Sort by:
Attacker Value
Unknown

CVE-2023-34226

Disclosure Date: May 31, 2023 (last updated October 08, 2023)
In JetBrains TeamCity before 2023.05 reflected XSS in the Subscriptions page was possible
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2023-34225

Disclosure Date: May 31, 2023 (last updated October 08, 2023)
In JetBrains TeamCity before 2023.05 stored XSS in the NuGet feed page was possible
Attack Vector: NetworkPrivileges: LowUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2023-34224

Disclosure Date: May 31, 2023 (last updated October 08, 2023)
In JetBrains TeamCity before 2023.05 open redirect during oAuth configuration was possible
Attack Vector: NetworkPrivileges: HighUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2023-34223

Disclosure Date: May 31, 2023 (last updated October 08, 2023)
In JetBrains TeamCity before 2023.05 parameters of the "password" type from build dependencies could be logged in some cases
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2023-34222

Disclosure Date: May 31, 2023 (last updated October 08, 2023)
In JetBrains TeamCity before 2023.05 possible XSS in the Plugin Vendor URL was possible
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2023-34221

Disclosure Date: May 31, 2023 (last updated October 08, 2023)
In JetBrains TeamCity before 2023.05 stored XSS in the Show Connection page was possible
Attack Vector: NetworkPrivileges: LowUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2023-34220

Disclosure Date: May 31, 2023 (last updated October 08, 2023)
In JetBrains TeamCity before 2023.05 stored XSS in the Commit Status Publisher window was possible
Attack Vector: NetworkPrivileges: LowUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2023-34219

Disclosure Date: May 31, 2023 (last updated October 08, 2023)
In JetBrains TeamCity before 2023.05 improper permission checks allowed users without appropriate permissions to edit Build Configuration settings via REST API
Attack Vector: NetworkPrivileges: LowUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2023-34218

Disclosure Date: May 31, 2023 (last updated October 08, 2023)
In JetBrains TeamCity before 2023.05 bypass of permission checks allowing to perform admin actions was possible
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2022-48428

Disclosure Date: March 27, 2023 (last updated October 08, 2023)
In JetBrains TeamCity before 2022.10.3 stored XSS on the SSH keys page was possible
Attack Vector: NetworkPrivileges: LowUser Interaction: Required
0
0
View More Topics  < Previous  Next >