Vulnerabilities > Jetbrains

DATE CVE VULNERABILITY TITLE RISK
2023-06-29 CVE-2015-1313 Forced Browsing vulnerability in Jetbrains Teamcity
JetBrains TeamCity 8 and 9 before 9.0.2 allows bypass of account-creation restrictions via a crafted request because the required request data can be deduced by reading HTML and JavaScript files that are returned to the web browser after an initial unauthenticated request.
network
low complexity
jetbrains CWE-425
6.5
2023-06-12 CVE-2023-35053 Unspecified vulnerability in Jetbrains Youtrack
In JetBrains YouTrack before 2023.1.10518 a DoS attack was possible via Helpdesk forms
network
low complexity
jetbrains
7.5
2023-06-12 CVE-2023-35054 Cross-site Scripting vulnerability in Jetbrains Youtrack
In JetBrains YouTrack before 2023.1.10518 stored XSS in a Markdown-rendering engine was possible
network
low complexity
jetbrains CWE-79
5.4
2023-06-01 CVE-2023-34339 Unspecified vulnerability in Jetbrains Ktor
In JetBrains Ktor before 2.3.1 headers containing authentication data could be added to the exception's message
local
low complexity
jetbrains
3.3
2023-05-31 CVE-2023-34218 Unspecified vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2023.05 bypass of permission checks allowing to perform admin actions was possible
network
low complexity
jetbrains
critical
9.8
2023-05-31 CVE-2023-34219 Incorrect Authorization vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2023.05 improper permission checks allowed users without appropriate permissions to edit Build Configuration settings via REST API
network
low complexity
jetbrains CWE-863
4.3
2023-05-31 CVE-2023-34220 Unspecified vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2023.05 stored XSS in the Commit Status Publisher window was possible
network
low complexity
jetbrains
5.4
2023-05-31 CVE-2023-34221 Unspecified vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2023.05 stored XSS in the Show Connection page was possible
network
low complexity
jetbrains
5.4
2023-05-31 CVE-2023-34222 Unspecified vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2023.05 possible XSS in the Plugin Vendor URL was possible
network
low complexity
jetbrains
6.1
2023-05-31 CVE-2023-34223 Unspecified vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2023.05 parameters of the "password" type from build dependencies could be logged in some cases
network
low complexity
jetbrains
5.3