Jetbrains: >> Teamcity >> 9.1.1 Security Vulnerabilities
In JetBrains TeamCity before 2023.05.2 a ReDoS attack was possible via integration with issue trackers
CVSS Score
4.3
EPSS Score
0.0
Published
2023-07-25
In JetBrains TeamCity before 2023.05.2 reflected XSS via GitHub integration was possible
CVSS Score
4.6
EPSS Score
0.0
Published
2023-07-25
In JetBrains TeamCity before 2023.05.1 stored XSS when using a custom theme was possible
CVSS Score
4.6
EPSS Score
0.0
Published
2023-07-12
In JetBrains TeamCity before 2023.05.1 parameters of the "password" type could be shown in the UI in certain composite build configurations
CVSS Score
4.3
EPSS Score
0.0
Published
2023-07-12
In JetBrains TeamCity before 2023.05.1 stored XSS while running custom builds was possible
CVSS Score
4.6
EPSS Score
0.0
Published
2023-07-12
In JetBrains TeamCity before 2023.05.1 build chain parameters of the "password" type could be written to the agent log
CVSS Score
4.3
EPSS Score
0.0
Published
2023-07-12
In JetBrains TeamCity before 2023.05.1 stored XSS while viewing the build log was possible
CVSS Score
4.6
EPSS Score
0.0
Published
2023-07-12
In JetBrains TeamCity before 2023.05.1 reflected XSS via the Referer header was possible during artifact downloads
CVSS Score
4.6
EPSS Score
0.0
Published
2023-07-12
In JetBrains TeamCity before 2023.05.1 build parameters of the "password" type could be written to the agent log
CVSS Score
4.3
EPSS Score
0.0
Published
2023-07-12
In JetBrains TeamCity before 2023.05 bypass of permission checks allowing to perform admin actions was possible
CVSS Score
9.1
EPSS Score
0.0
Published
2023-05-31