JetBrains TeamCity prior to 2019.2.3 is vulnerable to reflected XSS in the administration UI.
jetbrains teamcity