Vulnerabilities > Jetbrains > Medium

DATE CVE VULNERABILITY TITLE RISK
2024-01-09 CVE-2024-22370 Cross-site Scripting vulnerability in Jetbrains Youtrack
In JetBrains YouTrack before 2023.3.22666 stored XSS via markdown was possible
network
low complexity
jetbrains CWE-79
5.4
2023-12-15 CVE-2023-50871 Unspecified vulnerability in Jetbrains Youtrack
In JetBrains YouTrack before 2023.3.22268 authorization check for inline comments inside thread replies was missed
network
low complexity
jetbrains
4.3
2023-09-19 CVE-2023-43566 Cross-site Scripting vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2023.05.4 stored XSS was possible during nodes configuration
network
low complexity
jetbrains CWE-79
5.4
2023-08-25 CVE-2023-41248 Cross-site Scripting vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2023.05.3 stored XSS was possible during Cloud Profiles configuration
network
low complexity
jetbrains CWE-79
5.4
2023-08-25 CVE-2023-41249 Cross-site Scripting vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2023.05.3 reflected XSS was possible during copying Build Step
network
low complexity
jetbrains CWE-79
6.1
2023-08-25 CVE-2023-41250 Cross-site Scripting vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2023.05.3 reflected XSS was possible during user registration
network
low complexity
jetbrains CWE-79
6.1
2023-07-25 CVE-2023-39175 Cross-site Scripting vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2023.05.2 reflected XSS via GitHub integration was possible
network
low complexity
jetbrains CWE-79
6.1
2023-07-12 CVE-2023-38061 Cross-site Scripting vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2023.05.1 stored XSS when using a custom theme was possible
network
low complexity
jetbrains CWE-79
5.4
2023-07-12 CVE-2023-38062 Unspecified vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2023.05.1 parameters of the "password" type could be shown in the UI in certain composite build configurations
network
low complexity
jetbrains
6.5
2023-07-12 CVE-2023-38063 Cross-site Scripting vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2023.05.1 stored XSS while running custom builds was possible
network
low complexity
jetbrains CWE-79
5.4