Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
teamcity vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2019-15848
JetBrains TeamCity 2019.1 and 2019.1.1 allows cross-site scripting (XSS), potentially making it possible to send an arbitrary HTTP request to a TeamCity server under the name of the currently logged-in user.
Jetbrains Teamcity 2019.1
Jetbrains Teamcity 2019.1.1
4
CVSSv2
CVE-2020-11938
In JetBrains TeamCity 2018.2 up to and including 2019.2.1, a project administrator was able to see scrambled password parameters used in a project. The issue was resolved in 2019.2.2.
Jetbrains Teamcity
4
CVSSv2
CVE-2020-15826
In JetBrains TeamCity prior to 2020.1, users are able to assign more permissions than they have.
Jetbrains Teamcity
4
CVSSv2
CVE-2020-15828
In JetBrains TeamCity prior to 2020.1.1, project parameter values can be retrieved by a user without appropriate permissions.
Jetbrains Teamcity
5
CVSSv2
CVE-2021-25772
In JetBrains TeamCity prior to 2020.2.2, TeamCity server DoS was possible via server integration.
Jetbrains Teamcity
4.3
CVSSv2
CVE-2021-25773
JetBrains TeamCity prior to 2020.2 was vulnerable to reflected XSS on several pages.
Jetbrains Teamcity
4
CVSSv2
CVE-2021-25774
In JetBrains TeamCity prior to 2020.2.1, a user could get access to the GitHub access token of another user.
Jetbrains Teamcity
5.5
CVSSv2
CVE-2021-25775
In JetBrains TeamCity prior to 2020.2.1, the server admin could create and see access tokens for any other users.
Jetbrains Teamcity
5
CVSSv2
CVE-2021-25777
In JetBrains TeamCity prior to 2020.2.1, permissions during token removal were checked improperly.
Jetbrains Teamcity
NA
CVE-2023-39173
In JetBrains TeamCity prior to 2023.05.2 a token with limited permissions could be used to gain full account access
Jetbrains Teamcity
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3661
open redirect
CVE-2024-25512
CVE-2024-33788
command injection
SSTI
CVE-2024-0043
CVE-2024-29210
CVE-2024-25510
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »