Vulnerabilities > Jetbrains > Teamcity > 2022.10.1

DATE CVE VULNERABILITY TITLE RISK
2023-07-12 CVE-2023-38063 Cross-site Scripting vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2023.05.1 stored XSS while running custom builds was possible
network
low complexity
jetbrains CWE-79
5.4
5.4
2023-07-12 CVE-2023-38064 Information Exposure Through Log Files vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2023.05.1 build chain parameters of the "password" type could be written to the agent log
network
low complexity
jetbrains CWE-532
6.5
6.5
2023-07-12 CVE-2023-38065 Cross-site Scripting vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2023.05.1 stored XSS while viewing the build log was possible
network
low complexity
jetbrains CWE-79
5.4
5.4
2023-07-12 CVE-2023-38066 Cross-site Scripting vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2023.05.1 reflected XSS via the Referer header was possible during artifact downloads
network
low complexity
jetbrains CWE-79
6.1
6.1
2023-07-12 CVE-2023-38067 Information Exposure Through Log Files vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2023.05.1 build parameters of the "password" type could be written to the agent log
network
low complexity
jetbrains CWE-532
6.5
6.5