Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Teamcity
(Jetbrains)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 197 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2024-05-29 | CVE-2024-36369 | In JetBrains TeamCity before 2022.04.7, 2022.10.6, 2023.05.6, 2023.11.5 stored XSS via issue tracker integration was possible | Teamcity | 5.4 | ||
| 2024-05-29 | CVE-2024-36370 | In JetBrains TeamCity before 2022.04.7, 2022.10.6, 2023.05.6, 2023.11.5 stored XSS via OAuth connection settings was possible | Teamcity | 5.4 | ||
| 2023-09-19 | CVE-2023-42793 | In JetBrains TeamCity before 2023.05.4 authentication bypass leading to RCE on TeamCity Server was possible | Teamcity | 9.8 | ||
| 2024-03-04 | CVE-2024-27198 | In JetBrains TeamCity before 2023.11.4 authentication bypass allowing to perform admin actions was possible | Teamcity | 9.8 | ||
| 2020-01-30 | CVE-2020-7908 | In JetBrains TeamCity before 2019.1.5, reverse tabnabbing was possible on several pages. | Teamcity | 4.3 | ||
| 2020-01-30 | CVE-2020-7909 | In JetBrains TeamCity before 2019.1.5, some server-stored passwords could be shown via the web UI. | Teamcity | 7.5 | ||
| 2020-01-30 | CVE-2020-7910 | JetBrains TeamCity before 2019.2 was vulnerable to a stored XSS attack by a user with the developer role. | Teamcity | 5.4 | ||
| 2020-01-30 | CVE-2020-7911 | In JetBrains TeamCity before 2019.2, several user-level pages were vulnerable to XSS. | Teamcity | 6.1 | ||
| 2020-08-08 | CVE-2020-15825 | In JetBrains TeamCity before 2020.1, users with the Modify Group permission can elevate other users' privileges. | Teamcity | 8.8 | ||
| 2020-08-08 | CVE-2020-15826 | In JetBrains TeamCity before 2020.1, users are able to assign more permissions than they have. | Teamcity | 4.3 |