Vulnerabilities > Jetbrains > Teamcity
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-11-09 | CVE-2021-43198 | Cross-site Scripting vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2021.1.2, stored XSS is possible. | 3.5 |
| 2021-11-09 | CVE-2021-43199 | Incorrect Default Permissions vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2021.1.2, permission checks in the Create Patch functionality are insufficient. | 5.0 |
| 2021-11-09 | CVE-2021-43200 | Unspecified vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2021.1.2, permission checks in the Agent Push functionality were insufficient. | 7.5 |
| 2021-11-09 | CVE-2021-43201 | Unspecified vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2021.1.3, a newly created project could take settings from an already deleted project. | 5.0 |
| 2021-08-06 | CVE-2021-37542 | Cross-site Scripting vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2020.2.3, XSS was possible. | 4.3 |
| 2021-08-06 | CVE-2021-37544 | Deserialization of Untrusted Data vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2020.2.4, there was an insecure deserialization. | 7.5 |
| 2021-08-06 | CVE-2021-37545 | Improper Authentication vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2021.1.1, insufficient authentication checks for agent requests were made. | 5.0 |
| 2021-08-06 | CVE-2021-37546 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2021.1, an insecure key generation mechanism for encrypted properties was used. | 5.0 |
| 2021-08-06 | CVE-2021-37547 | Unspecified vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2020.2.4, insufficient checks during file uploading were made. | 5.0 |
| 2021-08-06 | CVE-2021-37548 | Cleartext Storage of Sensitive Information vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2021.1, passwords in cleartext sometimes could be stored in VCS. | 5.0 |