Vulnerabilities > Jetbrains > Teamcity

DATE CVE VULNERABILITY TITLE RISK
2024-03-28 CVE-2024-31138 Cross-site Scripting vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2024.03 xSS was possible via Agent Distribution settings
network
low complexity
jetbrains CWE-79
5.4
2024-03-04 CVE-2024-27198 Unspecified vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2023.11.4 authentication bypass allowing to perform admin actions was possible
network
low complexity
jetbrains
critical
9.8
2024-02-06 CVE-2024-23917 Missing Authentication for Critical Function vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2023.11.3 authentication bypass leading to RCE was possible
network
low complexity
jetbrains CWE-306
critical
9.8
2024-02-06 CVE-2024-24936 Unspecified vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2023.11.2 access control at the S3 Artifact Storage plugin endpoint was missed
network
low complexity
jetbrains
5.3
2024-02-06 CVE-2024-24937 Cross-site Scripting vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2023.11.2 stored XSS via agent distribution was possible
network
low complexity
jetbrains CWE-79
5.4
2024-02-06 CVE-2024-24938 Path Traversal vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2023.11.2 limited directory traversal was possible in the Kotlin DSL documentation
network
low complexity
jetbrains CWE-22
5.3
2024-02-06 CVE-2024-24942 Path Traversal vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2023.11.3 path traversal allowed reading data within JAR archives
network
low complexity
jetbrains CWE-22
5.3
2023-12-15 CVE-2023-50870 Cross-Site Request Forgery (CSRF) vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2023.11.1 a CSRF on login was possible
network
low complexity
jetbrains CWE-352
8.8
2023-09-19 CVE-2023-42793 Authentication Bypass Using an Alternate Path or Channel vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2023.05.4 authentication bypass leading to RCE on TeamCity Server was possible
network
low complexity
jetbrains CWE-288
critical
9.8
2023-09-19 CVE-2023-43566 Cross-site Scripting vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2023.05.4 stored XSS was possible during nodes configuration
network
low complexity
jetbrains CWE-79
5.4