Vulnerabilities > Jetbrains > Teamcity
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-05-11 | CVE-2021-3315 | Cross-site Scripting vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2020.2.2, stored XSS on a tests page was possible. | 5.4 |
2021-02-03 | CVE-2021-25778 | Unspecified vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2020.2.1, permissions during user deletion were checked improperly. | 5.3 |
2021-02-03 | CVE-2021-25777 | Incorrect Authorization vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2020.2.1, permissions during token removal were checked improperly. | 5.3 |
2021-02-03 | CVE-2021-25776 | Insecure Storage of Sensitive Information vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2020.2, an ECR token could be exposed in a build's parameters. | 7.5 |
2021-02-03 | CVE-2021-25775 | Unspecified vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2020.2.1, the server admin could create and see access tokens for any other users. | 3.8 |
2021-02-03 | CVE-2021-25774 | Incorrect Authorization vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2020.2.1, a user could get access to the GitHub access token of another user. | 4.3 |
2021-02-03 | CVE-2021-25773 | Cross-site Scripting vulnerability in Jetbrains Teamcity JetBrains TeamCity before 2020.2 was vulnerable to reflected XSS on several pages. | 6.1 |
2021-02-03 | CVE-2021-25772 | Unspecified vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2020.2.2, TeamCity server DoS was possible via server integration. | 5.3 |
2021-02-03 | CVE-2020-35667 | Server-Side Request Forgery (SSRF) vulnerability in Jetbrains Teamcity JetBrains TeamCity Plugin before 2020.2.85695 SSRF. | 7.5 |
2020-11-16 | CVE-2020-27627 | Injection vulnerability in Jetbrains Teamcity JetBrains TeamCity before 2020.1.2 was vulnerable to URL injection. | 6.1 |