Jetbrains: Security Vulnerabilities
In JetBrains TeamCity before 2023.05 stored XSS in the NuGet feed page was possible
CVSS Score
4.6
EPSS Score
0.077
Published
2023-05-31
In JetBrains TeamCity before 2023.05 reflected XSS in the Subscriptions page was possible
CVSS Score
4.6
EPSS Score
0.001
Published
2023-05-31
In JetBrains TeamCity before 2023.05 a specific endpoint was vulnerable to brute force attacks
CVSS Score
5.3
EPSS Score
0.0
Published
2023-05-31
In JetBrains TeamCity before 2023.05 authentication checks were missing – 2FA was not checked for some sensitive account actions
CVSS Score
5.3
EPSS Score
0.0
Published
2023-05-31
In JetBrains TeamCity before 2023.05 stored XSS in GitLab Connection page was possible
CVSS Score
4.6
EPSS Score
0.001
Published
2023-05-31
In JetBrains Toolbox App before 1.28 a DYLIB injection on macOS was possible
CVSS Score
5.2
EPSS Score
0.0
Published
2023-04-28
In JetBrains Ktor before 2.3.0 path traversal in the `resolveResource` method was possible
CVSS Score
7.5
EPSS Score
0.0
Published
2023-04-24
In JetBrains Hub before 2023.1.15725 SSRF protection in Auth Module integration was missing
CVSS Score
4.1
EPSS Score
0.0
Published
2023-04-24
In JetBrains PhpStorm before 2023.1 source code could be logged in the local idea.log file
CVSS Score
3.3
EPSS Score
0.0
Published
2023-04-04
In JetBrains IntelliJ IDEA before 2023.1 the bundled version of Chromium wasn't sandboxed.
CVSS Score
5.2
EPSS Score
0.0
Published
2023-03-29