Jetbrains: >> Teamcity Security Vulnerabilities
In JetBrains TeamCity before 2025.03 base64 encoded password could be exposed in build log
CVSS Score
4.3
EPSS Score
0.0
Published
2025-03-27
In JetBrains TeamCity before 2025.03 stored XSS was possible on Cloud Profiles page
CVSS Score
4.6
EPSS Score
0.001
Published
2025-03-27
In JetBrains TeamCity before 2024.12.2 improper Kubernetes connection settings could expose sensitive resources
CVSS Score
7.7
EPSS Score
0.0
Published
2025-02-11
In JetBrains TeamCity before 2024.12.2 several DOM-based XSS were possible on the Code Inspection Report tab
CVSS Score
4.6
EPSS Score
0.1
Published
2025-02-11
In JetBrains TeamCity before 2024.12.1 improper access control allowed to see Projects’ names in the agent pool
CVSS Score
4.3
EPSS Score
0.0
Published
2025-01-21
In JetBrains TeamCity before 2024.12.1 decryption of connection secrets without proper permissions was possible via Test Connection endpoint
CVSS Score
6.5
EPSS Score
0.0
Published
2025-01-21
In JetBrains TeamCity before 2024.12.1 reflected XSS was possible on the Vault Connection page
CVSS Score
4.6
EPSS Score
0.047
Published
2025-01-21
In JetBrains TeamCity before 2024.12 backup file exposed user credentials and session cookies
CVSS Score
5.5
EPSS Score
0.0
Published
2024-12-20
In JetBrains TeamCity before 2024.12 password field value were accessible to users with view settings permission
CVSS Score
5.5
EPSS Score
0.0
Published
2024-12-20
In JetBrains TeamCity before 2024.12 missing Content-Type header in RemoteBuildLogController response could lead to XSS
CVSS Score
4.6
EPSS Score
0.366
Published
2024-12-20