Vulnerabilities > Jetbrains

| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-05-31 | CVE-2023-34226 | Cross-site Scripting vulnerability in Jetbrains Teamcity: In JetBrains TeamCity before 2023.05 reflected XSS in the Subscriptions page was possible | network, low complexity, jetbrains CWE-79, 6.1 |
| 2023-05-31 | CVE-2023-34227 | Exposed Dangerous Method or Function vulnerability in Jetbrains Teamcity: In JetBrains TeamCity before 2023.05 a specific endpoint was vulnerable to brute force attacks | network, low complexity, jetbrains CWE-749, 7.5 |
| 2023-05-31 | CVE-2023-34228 | Use of Single-factor Authentication vulnerability in Jetbrains Teamcity: In JetBrains TeamCity before 2023.05 authentication checks were missing – 2FA was not checked for some sensitive account actions | network, low complexity, jetbrains CWE-308, 6.5 |
| 2023-05-31 | CVE-2023-34229 | Cross-site Scripting vulnerability in Jetbrains Teamcity: In JetBrains TeamCity before 2023.05 stored XSS in GitLab Connection page was possible | network, low complexity, jetbrains CWE-79, 5.4 |
| 2023-04-28 | CVE-2022-48481 | Insufficient Control Flow Management vulnerability in Jetbrains Toolbox: In JetBrains Toolbox App before 1.28 a DYLIB injection on macOS was possible | local, low complexity, jetbrains CWE-691, 7.8 |
| 2023-04-24 | CVE-2022-48476 | Path Traversal vulnerability in Jetbrains Ktor: In JetBrains Ktor before 2.3.0 path traversal in the `resolveResource` method was possible | network, low complexity, jetbrains CWE-22, 7.5 |
| 2023-04-24 | CVE-2022-48477 | Server-Side Request Forgery (SSRF) vulnerability in Jetbrains HUB: In JetBrains Hub before 2023.1.15725 SSRF protection in Auth Module integration was missing | network, low complexity, jetbrains CWE-918, critical, 9.8 |
| 2023-03-27 | CVE-2022-48429 | Cross-site Scripting vulnerability in Jetbrains HUB: In JetBrains Hub before 2022.3.15573, 2022.2.15572, 2022.1.15583 reflected XSS in dashboards was possible | network, low complexity, jetbrains CWE-79, 5.4 |
| 2023-02-23 | CVE-2022-48342 | Insecure Default Initialization of Resource vulnerability in Jetbrains Teamcity: In JetBrains TeamCity before 2022.10.2 JVMTI was enabled by default on agents. | network, low complexity, jetbrains CWE-1188, critical, 9.8 |
| 2023-02-23 | CVE-2022-48343 | Cross-site Scripting vulnerability in Jetbrains Teamcity: In JetBrains TeamCity before 2022.10.2 there was an XSS vulnerability in the user creation process. | network, low complexity, jetbrains CWE-79, 6.1 |