Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
jetbrains teamcity vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2019-15848
JetBrains TeamCity 2019.1 and 2019.1.1 allows cross-site scripting (XSS), potentially making it possible to send an arbitrary HTTP request to a TeamCity server under the name of the currently logged-in user.
Jetbrains Teamcity 2019.1
Jetbrains Teamcity 2019.1.1
10
CVSSv2
CVE-2019-12157
In JetBrains UpSource versions prior to 2018.2 build 1293, there is credential disclosure via RPC commands.
Jetbrains Upsource 2018.2
Jetbrains Teamcity
Jetbrains Upsource
NA
CVE-2023-38063
In JetBrains TeamCity prior to 2023.05.1 stored XSS while running custom builds was possible
Jetbrains Teamcity
NA
CVE-2023-38065
In JetBrains TeamCity prior to 2023.05.1 stored XSS while viewing the build log was possible
Jetbrains Teamcity
NA
CVE-2022-36321
In JetBrains TeamCity prior to 2022.04.2 the private SSH key could be written to the build log in some cases
Jetbrains Teamcity
NA
CVE-2022-36322
In JetBrains TeamCity prior to 2022.04.2 build parameter injection was possible
Jetbrains Teamcity
NA
CVE-2015-1313
JetBrains TeamCity 8 and 9 prior to 9.0.2 allows bypass of account-creation restrictions via a crafted request because the required request data can be deduced by reading HTML and JavaScript files that are returned to the web browser after an initial unauthenticated request.
Jetbrains Teamcity
NA
CVE-2022-46830
In JetBrains TeamCity between 2022.10 and 2022.10.1 a custom STS endpoint allowed internal port scanning.
Jetbrains Teamcity
NA
CVE-2023-38061
In JetBrains TeamCity prior to 2023.05.1 stored XSS when using a custom theme was possible
Jetbrains Teamcity
NA
CVE-2023-38062
In JetBrains TeamCity prior to 2023.05.1 parameters of the "password" type could be shown in the UI in certain composite build configurations
Jetbrains Teamcity
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-52710
arbitrary
CVE-2024-5272
CVE-2024-2961
brute force
remote
CVE-2024-32944
CVE-2024-36241
CVE-2024-5274
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »