Vulnerabilities > Jetbrains > Teamcity

DATE CVE VULNERABILITY TITLE RISK
2024-10-08 CVE-2024-47161 Insufficiently Protected Credentials vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2024.07.3 password could be exposed via Sonar runner REST API
network
low complexity
jetbrains CWE-522
6.5
2024-10-08 CVE-2024-47948 Path Traversal vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2024.07.3 path traversal leading to information disclosure was possible via server backups
network
low complexity
jetbrains CWE-22
7.5
2024-10-08 CVE-2024-47949 Path Traversal vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2024.07.3 path traversal allowed backup file write to arbitrary location
network
low complexity
jetbrains CWE-22
7.5
2024-10-08 CVE-2024-47950 Cross-site Scripting vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2024.07.3 stored XSS was possible in Backup configuration settings
network
low complexity
jetbrains CWE-79
5.4
2024-10-08 CVE-2024-47951 Cross-site Scripting vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2024.07.3 stored XSS was possible via server global settings
network
low complexity
jetbrains CWE-79
5.4
2024-08-16 CVE-2024-43807 Cross-site Scripting vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2024.07.1 multiple stored XSS was possible on Clouds page
network
low complexity
jetbrains CWE-79
5.4
2024-08-16 CVE-2024-43808 Cross-site Scripting vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2024.07.1 self XSS was possible in the HashiCorp Vault plugin
network
low complexity
jetbrains CWE-79
5.4
2024-08-16 CVE-2024-43809 Cross-site Scripting vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2024.07.1 reflected XSS was possible on the agentPushPreset page
network
low complexity
jetbrains CWE-79
6.1
2024-08-16 CVE-2024-43810 Cross-site Scripting vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2024.07.1 reflected XSS was possible in the AWS Core plugin
network
low complexity
jetbrains CWE-79
5.4
2024-08-06 CVE-2024-43114 Incorrect Default Permissions vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2024.07.1 possible privilege escalation due to incorrect directory permissions
local
low complexity
jetbrains CWE-276
7.8