Vulnerabilities > Jetbrains

DATE	CVE	VULNERABILITY TITLE	RISK
2024-07-22	CVE-2024-41825	Cross-site Scripting vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2024.07 stored XSS was possible on the Code Inspection tab network low complexity jetbrains CWE-79	5.4
2024-07-22	CVE-2024-41826	Cross-site Scripting vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2024.07 stored XSS was possible on Show Connection page network low complexity jetbrains CWE-79	4.8
2024-07-22	CVE-2024-41827	Insufficient Session Expiration vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2024.07 access tokens could continue working after deletion or expiration network low complexity jetbrains CWE-613 critical	9.8
2024-07-22	CVE-2024-41828	Unspecified vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2024.07 comparison of authorization tokens took non-constant time network low complexity jetbrains	6.5
2024-07-22	CVE-2024-41829	Improper Authentication vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2024.07 an OAuth code for JetBrains Space could be stolen via Space Application connection network low complexity jetbrains CWE-287	7.5
2024-07-01	CVE-2024-39878	Insufficiently Protected Credentials vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2024.03.3 private key could be exposed via testing GitHub App Connection network low complexity jetbrains CWE-522	5.3
2024-07-01	CVE-2024-39879	Insufficiently Protected Credentials vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2024.03.3 application token could be exposed in EC2 Cloud Profile settings network low complexity jetbrains CWE-522	5.3
2024-06-18	CVE-2024-38504	Missing Authorization vulnerability in Jetbrains Youtrack In JetBrains YouTrack before 2024.2.34646 the Guest User Account was enabled for attaching files to articles network low complexity jetbrains CWE-862	5.3
2024-06-18	CVE-2024-38505	Insufficiently Protected Credentials vulnerability in Jetbrains Youtrack In JetBrains YouTrack before 2024.2.34646 user access token was sent to the third-party site network low complexity jetbrains CWE-522	7.5
2024-06-18	CVE-2024-38506	Missing Authorization vulnerability in Jetbrains Youtrack In JetBrains YouTrack before 2024.2.34646 user without appropriate permissions could enable the auto-attach option for workflows network low complexity jetbrains CWE-862	8.1

Vulnerabilities > Jetbrains {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Jetbrains"}]}

Vulnerabilities > Jetbrains