Vulnerabilities > Jetbrains > Medium

DATE CVE VULNERABILITY TITLE RISK
2023-05-31 CVE-2023-34223 Unspecified vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2023.05 parameters of the "password" type from build dependencies could be logged in some cases
network
low complexity
jetbrains
5.3
2023-05-31 CVE-2023-34224 Unspecified vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2023.05 open redirect during oAuth configuration was possible
network
low complexity
jetbrains
4.8
2023-05-31 CVE-2023-34225 Cross-site Scripting vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2023.05 stored XSS in the NuGet feed page was possible
network
low complexity
jetbrains CWE-79
5.4
2023-05-31 CVE-2023-34226 Unspecified vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2023.05 reflected XSS in the Subscriptions page was possible
network
low complexity
jetbrains
6.1
2023-05-31 CVE-2023-34228 Unspecified vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2023.05 authentication checks were missing – 2FA was not checked for some sensitive account actions
network
low complexity
jetbrains
6.5
2023-05-31 CVE-2023-34229 Unspecified vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2023.05 stored XSS in GitLab Connection page was possible
network
low complexity
jetbrains
5.4
2023-03-27 CVE-2022-48427 Cross-site Scripting vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2022.10.3 stored XSS on “Pending changes” and “Changes” tabs was possible
network
low complexity
jetbrains CWE-79
5.4
2023-03-27 CVE-2022-48428 Cross-site Scripting vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2022.10.3 stored XSS on the SSH keys page was possible
network
low complexity
jetbrains CWE-79
5.4
2023-03-27 CVE-2022-48426 Cross-site Scripting vulnerability in Jetbrains Teamcity 2022.10.3
In JetBrains TeamCity before 2022.10.3 stored XSS in Perforce connection settings was possible
network
low complexity
jetbrains CWE-79
5.4
2023-03-27 CVE-2022-48429 Cross-site Scripting vulnerability in Jetbrains HUB
In JetBrains Hub before 2022.3.15573, 2022.2.15572, 2022.1.15583 reflected XSS in dashboards was possible
network
low complexity
jetbrains CWE-79
5.4