PoC for CVE-2022-24342: account takeover via CSRF in GitHub authentication
CVE-2022-24342 JetBrains TeamCity - account takeover via CSRF in GitHub authentication (PoC)

- CVE-2022-24342
  - Requirements
  - Usage
  - How does it work?
    - GitHub OAuth2: query parameters processing order
    - CVE-2022-24342: HTTP requests flow

Requirements

- JetBrains TeamCity < 2021.2.1
- GitHub authentication enabled

Usage

Try to login with attacker's GitHub account int