Vulnerabilities > Jetbrains > Teamcity > 9.1.5

DATE CVE VULNERABILITY TITLE RISK
2024-10-08 CVE-2024-47948 Path Traversal vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2024.07.3 path traversal leading to information disclosure was possible via server backups
network
low complexity
jetbrains CWE-22
7.5
7.5
2024-10-08 CVE-2024-47949 Path Traversal vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2024.07.3 path traversal allowed backup file write to arbitrary location
network
low complexity
jetbrains CWE-22
7.5
7.5
2024-10-08 CVE-2024-47951 Cross-site Scripting vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2024.07.3 stored XSS was possible via server global settings
network
low complexity
jetbrains CWE-79
5.4
5.4
2024-08-16 CVE-2024-43807 Cross-site Scripting vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2024.07.1 multiple stored XSS was possible on Clouds page
network
low complexity
jetbrains CWE-79
5.4
5.4
2024-08-16 CVE-2024-43808 Cross-site Scripting vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2024.07.1 self XSS was possible in the HashiCorp Vault plugin
network
low complexity
jetbrains CWE-79
5.4
5.4
2024-08-16 CVE-2024-43809 Cross-site Scripting vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2024.07.1 reflected XSS was possible on the agentPushPreset page
network
low complexity
jetbrains CWE-79
6.1
6.1
2024-08-16 CVE-2024-43810 Cross-site Scripting vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2024.07.1 reflected XSS was possible in the AWS Core plugin
network
low complexity
jetbrains CWE-79
5.4
5.4
2024-08-06 CVE-2024-43114 Incorrect Default Permissions vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2024.07.1 possible privilege escalation due to incorrect directory permissions
local
low complexity
jetbrains CWE-276
7.8
7.8
2024-07-22 CVE-2024-41824 Information Exposure Through Log Files vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2024.07 parameters of the "password" type could leak into the build log in some specific cases
network
low complexity
jetbrains CWE-532
6.5
6.5
2024-07-22 CVE-2024-41825 Cross-site Scripting vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2024.07 stored XSS was possible on the Code Inspection tab
network
low complexity
jetbrains CWE-79
5.4
5.4