Vulnerabilities > Jetbrains > Teamcity > 9.1.6
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-07-12 | CVE-2023-38063 | Cross-site Scripting vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2023.05.1 stored XSS while running custom builds was possible | 5.4 |
| 2023-07-12 | CVE-2023-38064 | Information Exposure Through Log Files vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2023.05.1 build chain parameters of the "password" type could be written to the agent log | 6.5 |
| 2023-07-12 | CVE-2023-38065 | Cross-site Scripting vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2023.05.1 stored XSS while viewing the build log was possible | 5.4 |
| 2023-07-12 | CVE-2023-38066 | Cross-site Scripting vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2023.05.1 reflected XSS via the Referer header was possible during artifact downloads | 6.1 |
| 2023-07-12 | CVE-2023-38067 | Information Exposure Through Log Files vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2023.05.1 build parameters of the "password" type could be written to the agent log | 6.5 |
| 2022-02-25 | CVE-2022-24331 | Unspecified vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2021.1.4, GitLab authentication impersonation was possible. | 9.8 |
| 2022-02-25 | CVE-2022-24336 | Unspecified vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2021.2.1, an unauthenticated attacker can cancel running builds via an XML-RPC request to the TeamCity server. | 5.3 |