Vulnerabilities > Jetbrains > Teamcity

DATE CVE VULNERABILITY TITLE RISK
2021-05-11 CVE-2021-3315 Cross-site Scripting vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2020.2.2, stored XSS on a tests page was possible.
network
low complexity
jetbrains CWE-79
5.4
5.4
2021-02-03 CVE-2021-25778 Unspecified vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2020.2.1, permissions during user deletion were checked improperly.
network
low complexity
jetbrains
5.3
5.3
2021-02-03 CVE-2021-25777 Incorrect Authorization vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2020.2.1, permissions during token removal were checked improperly.
network
low complexity
jetbrains CWE-863
5.3
5.3
2021-02-03 CVE-2021-25776 Insecure Storage of Sensitive Information vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2020.2, an ECR token could be exposed in a build's parameters.
network
low complexity
jetbrains CWE-922
7.5
7.5
2021-02-03 CVE-2021-25775 Unspecified vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2020.2.1, the server admin could create and see access tokens for any other users.
network
low complexity
jetbrains
3.8
3.8
2021-02-03 CVE-2021-25774 Incorrect Authorization vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2020.2.1, a user could get access to the GitHub access token of another user.
network
low complexity
jetbrains CWE-863
4.3
4.3
2021-02-03 CVE-2021-25773 Cross-site Scripting vulnerability in Jetbrains Teamcity
JetBrains TeamCity before 2020.2 was vulnerable to reflected XSS on several pages.
network
low complexity
jetbrains CWE-79
6.1
6.1
2021-02-03 CVE-2021-25772 Unspecified vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2020.2.2, TeamCity server DoS was possible via server integration.
network
low complexity
jetbrains
5.3
5.3
2021-02-03 CVE-2020-35667 Server-Side Request Forgery (SSRF) vulnerability in Jetbrains Teamcity
JetBrains TeamCity Plugin before 2020.2.85695 SSRF.
network
low complexity
jetbrains CWE-918
7.5
7.5
2020-11-16 CVE-2020-27627 Injection vulnerability in Jetbrains Teamcity
JetBrains TeamCity before 2020.1.2 was vulnerable to URL injection.
network
low complexity
jetbrains CWE-74
6.1
6.1