Jetbrains: >> Teamcity >> 3.1 Security Vulnerabilities
In JetBrains TeamCity before 2024.07.1 reflected XSS was possible in the AWS Core plugin
CVSS Score
4.6
EPSS Score
0.089
Published
2024-08-16
In JetBrains TeamCity before 2024.07.1 possible privilege escalation due to incorrect directory permissions
CVSS Score
7.5
EPSS Score
0.0
Published
2024-08-06
In JetBrains TeamCity before 2024.07 access tokens could continue working after deletion or expiration
CVSS Score
7.4
EPSS Score
0.0
Published
2024-07-22
In JetBrains TeamCity before 2024.07 comparison of authorization tokens took non-constant time
CVSS Score
2.6
EPSS Score
0.0
Published
2024-07-22
In JetBrains TeamCity before 2024.07 an OAuth code for JetBrains Space could be stolen via Space Application connection
CVSS Score
3.5
EPSS Score
0.0
Published
2024-07-22
In JetBrains TeamCity before 2024.07 parameters of the "password" type could leak into the build log in some specific cases
CVSS Score
6.4
EPSS Score
0.0
Published
2024-07-22
In JetBrains TeamCity before 2024.07 stored XSS was possible on the Code Inspection tab
CVSS Score
4.6
EPSS Score
0.136
Published
2024-07-22
In JetBrains TeamCity before 2024.07 stored XSS was possible on Show Connection page
CVSS Score
3.5
EPSS Score
0.001
Published
2024-07-22
In JetBrains TeamCity before 2024.03.3 private key could be exposed via testing GitHub App Connection
CVSS Score
4.1
EPSS Score
0.0
Published
2024-07-01
In JetBrains TeamCity before 2024.03.3 application token could be exposed in EC2 Cloud Profile settings
CVSS Score
5.0
EPSS Score
0.0
Published
2024-07-01