JetBrains TeamCity prior to 2019.2 was vulnerable to a stored XSS attack by a user with the developer role.
jetbrains teamcity