Vulnerabilities > Jetbrains

DATE CVE VULNERABILITY TITLE RISK
2024-08-16 CVE-2024-43807 Cross-site Scripting vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2024.07.1 multiple stored XSS was possible on Clouds page
network
low complexity
jetbrains CWE-79
5.4
2024-08-16 CVE-2024-43808 Cross-site Scripting vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2024.07.1 self XSS was possible in the HashiCorp Vault plugin
network
low complexity
jetbrains CWE-79
5.4
2024-08-16 CVE-2024-43809 Cross-site Scripting vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2024.07.1 reflected XSS was possible on the agentPushPreset page
network
low complexity
jetbrains CWE-79
6.1
2024-08-16 CVE-2024-43810 Cross-site Scripting vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2024.07.1 reflected XSS was possible in the AWS Core plugin
network
low complexity
jetbrains CWE-79
5.4
2024-08-06 CVE-2024-43114 Incorrect Default Permissions vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2024.07.1 possible privilege escalation due to incorrect directory permissions
local
low complexity
jetbrains CWE-276
7.8
2024-07-22 CVE-2024-41824 Information Exposure Through Log Files vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2024.07 parameters of the "password" type could leak into the build log in some specific cases
network
low complexity
jetbrains CWE-532
6.5
2024-07-22 CVE-2024-41825 Cross-site Scripting vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2024.07 stored XSS was possible on the Code Inspection tab
network
low complexity
jetbrains CWE-79
5.4
2024-07-22 CVE-2024-41826 Cross-site Scripting vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2024.07 stored XSS was possible on Show Connection page
network
low complexity
jetbrains CWE-79
4.8
2024-07-22 CVE-2024-41827 Insufficient Session Expiration vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2024.07 access tokens could continue working after deletion or expiration
network
low complexity
jetbrains CWE-613
critical
9.8
2024-07-22 CVE-2024-41828 Unspecified vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2024.07 comparison of authorization tokens took non-constant time
network
low complexity
jetbrains
6.5