Vulnerabilities > Jetbrains

DATE	CVE	VULNERABILITY TITLE	RISK
2024-12-20	CVE-2024-56352	Cross-site Scripting vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2024.12 stored XSS was possible via image name on the agent details page network low complexity jetbrains CWE-79	5.4
2024-12-20	CVE-2024-56353	Improper Cross-boundary Removal of Sensitive Data vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2024.12 backup file exposed user credentials and session cookies network low complexity jetbrains CWE-212	6.5
2024-12-20	CVE-2024-56354	Insufficiently Protected Credentials vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2024.12 password field value were accessible to users with view settings permission network low complexity jetbrains CWE-522	4.9
2024-12-20	CVE-2024-56355	Cross-site Scripting vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2024.12 missing Content-Type header in RemoteBuildLogController response could lead to XSS network low complexity jetbrains CWE-79	5.4
2024-12-20	CVE-2024-56356	XXE vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2024.12 insecure XMLParser configuration could lead to potential XXE attack network low complexity jetbrains CWE-611	7.1
2024-12-04	CVE-2024-54153	Missing Authentication for Critical Function vulnerability in Jetbrains Youtrack In JetBrains YouTrack before 2024.3.51866 unauthenticated database backup download was possible via vulnerable query parameter network low complexity jetbrains CWE-306	6.5
2024-12-04	CVE-2024-54154	Path Traversal vulnerability in Jetbrains Youtrack In JetBrains YouTrack before 2024.3.51866 system takeover was possible through path traversal in plugin sandbox network low complexity jetbrains CWE-22 critical	9.8
2024-12-04	CVE-2024-54155	Missing Authentication for Critical Function vulnerability in Jetbrains Youtrack In JetBrains YouTrack before 2024.3.51866 improper access control allowed listing of project names during app import without authentication network low complexity jetbrains CWE-306	5.3
2024-12-04	CVE-2024-54156	Unspecified vulnerability in Jetbrains Youtrack In JetBrains YouTrack before 2024.3.52635 multiple merge functions were vulnerable to prototype pollution attack network low complexity jetbrains	6.5
2024-12-04	CVE-2024-54157	Unspecified vulnerability in Jetbrains Youtrack In JetBrains YouTrack before 2024.3.52635 potential ReDoS was possible due to vulnerable RegExp in Ruby syntax detector network low complexity jetbrains	6.5

Vulnerabilities > Jetbrains {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Jetbrains"}]}

Vulnerabilities > Jetbrains