Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Teamcity
(Jetbrains)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 232 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2024-05-29 | CVE-2024-36366 | In JetBrains TeamCity before 2022.04.7, 2022.10.6, 2023.05.6, 2023.11.5 an XSS could be executed via certain report grouping and filtering operations | Teamcity | 6.1 | ||
| 2024-05-29 | CVE-2024-36367 | In JetBrains TeamCity before 2022.04.7, 2022.10.6, 2023.05.6, 2023.11.5 stored XSS via third-party reports was possible | Teamcity | 6.1 | ||
| 2024-05-29 | CVE-2024-36368 | In JetBrains TeamCity before 2022.04.7, 2022.10.6, 2023.05.6, 2023.11.5 reflected XSS via OAuth provider configuration was possible | Teamcity | 5.4 | ||
| 2024-05-29 | CVE-2024-36369 | In JetBrains TeamCity before 2022.04.7, 2022.10.6, 2023.05.6, 2023.11.5 stored XSS via issue tracker integration was possible | Teamcity | 5.4 | ||
| 2024-05-29 | CVE-2024-36370 | In JetBrains TeamCity before 2022.04.7, 2022.10.6, 2023.05.6, 2023.11.5 stored XSS via OAuth connection settings was possible | Teamcity | 5.4 | ||
| 2024-03-04 | CVE-2024-27198 | In JetBrains TeamCity before 2023.11.4 authentication bypass allowing to perform admin actions was possible | Teamcity | 9.8 | ||
| 2020-01-30 | CVE-2020-7908 | In JetBrains TeamCity before 2019.1.5, reverse tabnabbing was possible on several pages. | Teamcity | 4.3 | ||
| 2020-01-30 | CVE-2020-7909 | In JetBrains TeamCity before 2019.1.5, some server-stored passwords could be shown via the web UI. | Teamcity | 7.5 | ||
| 2020-01-30 | CVE-2020-7910 | JetBrains TeamCity before 2019.2 was vulnerable to a stored XSS attack by a user with the developer role. | Teamcity | 5.4 | ||
| 2020-01-30 | CVE-2020-7911 | In JetBrains TeamCity before 2019.2, several user-level pages were vulnerable to XSS. | Teamcity | 6.1 |