Vulnerabilities > Jetbrains > Teamcity > 10.0.5
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-04-22 | CVE-2020-11686 | Information Exposure vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2019.1.4, a project administrator was able to retrieve some TeamCity server settings. | 4.0 |
| 2020-01-30 | CVE-2020-7911 | Cross-site Scripting vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2019.2, several user-level pages were vulnerable to XSS. | 4.3 |
| 2020-01-30 | CVE-2020-7910 | Cross-site Scripting vulnerability in Jetbrains Teamcity JetBrains TeamCity before 2019.2 was vulnerable to a stored XSS attack by a user with the developer role. | 3.5 |
| 2020-01-30 | CVE-2020-7909 | Insufficiently Protected Credentials vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2019.1.5, some server-stored passwords could be shown via the web UI. | 5.0 |
| 2020-01-30 | CVE-2020-7908 | Insufficiently Protected Credentials vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2019.1.5, reverse tabnabbing was possible on several pages. | 4.3 |
| 2019-10-31 | CVE-2019-18367 | Incorrect Default Permissions vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2019.1.2, a non-destructive operation could be performed by a user without the corresponding permissions. | 5.0 |
| 2019-10-31 | CVE-2019-18366 | Incorrect Default Permissions vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2019.1.2, secure values could be exposed to users with the "View build runtime parameters and data" permission. | 5.0 |
| 2019-10-31 | CVE-2019-18365 | Improper Privilege Management vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2019.1.4, reverse tabnabbing was possible on several pages. | 4.3 |
| 2019-10-31 | CVE-2019-18364 | Deserialization of Untrusted Data vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2019.1.4, insecure Java Deserialization could potentially allow remote code execution. | 7.5 |
| 2019-10-31 | CVE-2019-18363 | Information Exposure vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2019.1.2, access could be gained to the history of builds of a deleted build configuration under some circumstances. | 5.0 |