Vulnerabilities > Jetbrains > Teamcity > 2019.1.2

DATE CVE VULNERABILITY TITLE RISK
2020-04-22 CVE-2020-11687 Information Exposure vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2019.2.2, password values were shown in an unmasked format on several pages.
network
low complexity
jetbrains CWE-200
5.0
5.0
2020-04-22 CVE-2020-11686 Information Exposure vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2019.1.4, a project administrator was able to retrieve some TeamCity server settings.
network
low complexity
jetbrains CWE-200
4.0
4.0
2020-01-30 CVE-2020-7911 Cross-site Scripting vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2019.2, several user-level pages were vulnerable to XSS.
network
jetbrains CWE-79
4.3
4.3
2020-01-30 CVE-2020-7910 Cross-site Scripting vulnerability in Jetbrains Teamcity
JetBrains TeamCity before 2019.2 was vulnerable to a stored XSS attack by a user with the developer role.
network
jetbrains CWE-79
3.5
3.5
2020-01-30 CVE-2020-7909 Insufficiently Protected Credentials vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2019.1.5, some server-stored passwords could be shown via the web UI.
network
low complexity
jetbrains CWE-522
5.0
5.0
2020-01-30 CVE-2020-7908 Insufficiently Protected Credentials vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2019.1.5, reverse tabnabbing was possible on several pages.
network
jetbrains CWE-522
4.3
4.3
2019-10-31 CVE-2019-18365 Improper Privilege Management vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2019.1.4, reverse tabnabbing was possible on several pages.
network
jetbrains CWE-269
4.3
4.3
2019-10-31 CVE-2019-18364 Deserialization of Untrusted Data vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2019.1.4, insecure Java Deserialization could potentially allow remote code execution.
network
low complexity
jetbrains CWE-502
7.5
7.5