Vulnerabilities > Jetbrains

DATE CVE VULNERABILITY TITLE RISK
2021-05-11 CVE-2021-31911 Cross-site Scripting vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2020.2.3, reflected XSS was possible on several pages.
network
low complexity
jetbrains CWE-79
6.1
2021-05-11 CVE-2021-31912 Weak Password Recovery Mechanism for Forgotten Password vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2020.2.3, account takeover was potentially possible during a password reset.
network
low complexity
jetbrains CWE-640
8.8
2021-05-11 CVE-2021-31913 Improper Validation of Integrity Check Value vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2020.2.3, insufficient checks of the redirect_uri were made during GitHub SSO token exchange.
network
low complexity
jetbrains CWE-354
7.5
2021-05-11 CVE-2021-31914 Unspecified vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2020.2.4 on Windows, arbitrary code execution on TeamCity Server was possible.
network
low complexity
jetbrains
critical
9.8
2021-05-11 CVE-2021-31915 OS Command Injection vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2020.2.4, OS command injection leading to remote code execution was possible.
network
low complexity
jetbrains CWE-78
critical
9.8
2021-05-11 CVE-2021-26309 Exposure of Resource to Wrong Sphere vulnerability in Jetbrains Teamcity
Information disclosure in the TeamCity plugin for IntelliJ before 2020.2.2.85899 was possible because a local temporary file had Insecure Permissions.
local
low complexity
jetbrains CWE-668
3.3
2021-05-11 CVE-2021-26310 Unspecified vulnerability in Jetbrains Teamcity
In the TeamCity IntelliJ plugin before 2020.2.2.85899, DoS was possible.
network
low complexity
jetbrains
7.5
2021-05-11 CVE-2021-27733 Cross-site Scripting vulnerability in Jetbrains Youtrack
In JetBrains YouTrack before 2020.6.6441, stored XSS was possible via an issue attachment.
network
low complexity
jetbrains CWE-79
5.4
2021-05-11 CVE-2021-29263 Unspecified vulnerability in Jetbrains Intellij Idea
In JetBrains IntelliJ IDEA 2020.3.3, local code execution was possible because of insufficient checks when getting the project from VCS.
local
low complexity
jetbrains
7.8
2021-05-11 CVE-2021-30005 Insufficient Verification of Data Authenticity vulnerability in Jetbrains Pycharm
In JetBrains PyCharm before 2020.3.4, local code execution was possible because of insufficient checks when getting the project from VCS.
local
low complexity
jetbrains CWE-345
7.8