JetBrains TeamCity prior to 2019.2.3 is vulnerable to stored XSS in the administration UI.
jetbrains teamcity