Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Teamcity
(Jetbrains)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 197 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2024-03-04 | CVE-2024-27198 | In JetBrains TeamCity before 2023.11.4 authentication bypass allowing to perform admin actions was possible | Teamcity | 9.8 | ||
| 2020-01-30 | CVE-2020-7908 | In JetBrains TeamCity before 2019.1.5, reverse tabnabbing was possible on several pages. | Teamcity | 4.3 | ||
| 2020-01-30 | CVE-2020-7909 | In JetBrains TeamCity before 2019.1.5, some server-stored passwords could be shown via the web UI. | Teamcity | 7.5 | ||
| 2020-01-30 | CVE-2020-7910 | JetBrains TeamCity before 2019.2 was vulnerable to a stored XSS attack by a user with the developer role. | Teamcity | 5.4 | ||
| 2020-01-30 | CVE-2020-7911 | In JetBrains TeamCity before 2019.2, several user-level pages were vulnerable to XSS. | Teamcity | 6.1 | ||
| 2020-08-08 | CVE-2020-15825 | In JetBrains TeamCity before 2020.1, users with the Modify Group permission can elevate other users' privileges. | Teamcity | 8.8 | ||
| 2020-08-08 | CVE-2020-15826 | In JetBrains TeamCity before 2020.1, users are able to assign more permissions than they have. | Teamcity | 4.3 | ||
| 2020-08-08 | CVE-2020-15828 | In JetBrains TeamCity before 2020.1.1, project parameter values can be retrieved by a user without appropriate permissions. | Teamcity | 6.5 | ||
| 2020-08-08 | CVE-2020-15829 | In JetBrains TeamCity before 2019.2.3, password parameters could be disclosed via build logs. | Teamcity | 5.3 | ||
| 2020-08-08 | CVE-2020-15830 | JetBrains TeamCity before 2019.2.3 is vulnerable to stored XSS in the administration UI. | Teamcity | 6.1 |