Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Teamcity
(Jetbrains)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 197 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2023-05-31 | CVE-2023-34221 | In JetBrains TeamCity before 2023.05 stored XSS in the Show Connection page was possible | Teamcity | 5.4 | ||
| 2023-05-31 | CVE-2023-34222 | In JetBrains TeamCity before 2023.05 possible XSS in the Plugin Vendor URL was possible | Teamcity | 6.1 | ||
| 2023-05-31 | CVE-2023-34223 | In JetBrains TeamCity before 2023.05 parameters of the "password" type from build dependencies could be logged in some cases | Teamcity | 5.3 | ||
| 2023-05-31 | CVE-2023-34224 | In JetBrains TeamCity before 2023.05 open redirect during oAuth configuration was possible | Teamcity | 4.8 | ||
| 2023-05-31 | CVE-2023-34226 | In JetBrains TeamCity before 2023.05 reflected XSS in the Subscriptions page was possible | Teamcity | 6.1 | ||
| 2023-05-31 | CVE-2023-34225 | In JetBrains TeamCity before 2023.05 stored XSS in the NuGet feed page was possible | Teamcity | 5.4 | ||
| 2023-05-31 | CVE-2023-34227 | In JetBrains TeamCity before 2023.05 a specific endpoint was vulnerable to brute force attacks | Teamcity | 7.5 | ||
| 2023-05-31 | CVE-2023-34228 | In JetBrains TeamCity before 2023.05 authentication checks were missing – 2FA was not checked for some sensitive account actions | Teamcity | 6.5 | ||
| 2023-05-31 | CVE-2023-34229 | In JetBrains TeamCity before 2023.05 stored XSS in GitLab Connection page was possible | Teamcity | 5.4 | ||
| 2023-07-12 | CVE-2023-38061 | In JetBrains TeamCity before 2023.05.1 stored XSS when using a custom theme was possible | Teamcity | 5.4 |