Jetbrains: >> Teamcity Security Vulnerabilities
In JetBrains TeamCity before 2024.12 insecure XMLParser configuration could lead to potential XXE attack
CVSS Score
5.9
EPSS Score
0.0
Published
2024-12-20
In JetBrains TeamCity before 2024.12 improper access control allowed unauthorized users to modify build logs
CVSS Score
5.3
EPSS Score
0.0
Published
2024-12-20
In JetBrains TeamCity before 2024.12 build credentials allowed unauthorized viewing of projects
CVSS Score
4.3
EPSS Score
0.0
Published
2024-12-20
In JetBrains TeamCity before 2024.12 access tokens were not revoked after removing user roles
CVSS Score
6.3
EPSS Score
0.001
Published
2024-12-20
In JetBrains TeamCity before 2024.12 stored XSS was possible via image name on the agent details page
CVSS Score
4.6
EPSS Score
0.366
Published
2024-12-20
In JetBrains TeamCity before 2024.12 improper access control allowed viewing details of unauthorized agents
CVSS Score
4.3
EPSS Score
0.0
Published
2024-12-20
In JetBrains TeamCity before 2024.07.3 stored XSS was possible via server global settings
CVSS Score
3.5
EPSS Score
0.001
Published
2024-10-08
In JetBrains TeamCity before 2024.07.3 password could be exposed via Sonar runner REST API
CVSS Score
4.3
EPSS Score
0.0
Published
2024-10-08
In JetBrains TeamCity before 2024.07.3 path traversal leading to information disclosure was possible via server backups
CVSS Score
4.9
EPSS Score
0.0
Published
2024-10-08
In JetBrains TeamCity before 2024.07.3 path traversal allowed backup file write to arbitrary location
CVSS Score
4.9
EPSS Score
0.0
Published
2024-10-08