Vulnerabilities > Jetbrains > Teamcity

DATE CVE VULNERABILITY TITLE RISK
2024-05-29 CVE-2024-36364 Incorrect Authorization vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2022.04.7, 2022.10.6, 2023.05.6, 2023.11.5 improper access control in Pull Requests and Commit status publisher build features was possible
network
low complexity
jetbrains CWE-863
6.5
2024-05-29 CVE-2024-36365 Incorrect Authorization vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2022.04.7, 2022.10.6, 2023.05.6, 2023.11.5, 2024.03.2 a third-party agent could impersonate a cloud agent
network
low complexity
jetbrains CWE-863
8.1
2024-05-29 CVE-2024-36366 Cross-site Scripting vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2022.04.7, 2022.10.6, 2023.05.6, 2023.11.5 an XSS could be executed via certain report grouping and filtering operations
network
low complexity
jetbrains CWE-79
6.1
2024-05-29 CVE-2024-36367 Cross-site Scripting vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2022.04.7, 2022.10.6, 2023.05.6, 2023.11.5 stored XSS via third-party reports was possible
network
low complexity
jetbrains CWE-79
6.1
2024-05-29 CVE-2024-36368 Cross-site Scripting vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2022.04.7, 2022.10.6, 2023.05.6, 2023.11.5 reflected XSS via OAuth provider configuration was possible
network
low complexity
jetbrains CWE-79
5.4
2024-05-29 CVE-2024-36369 Cross-site Scripting vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2022.04.7, 2022.10.6, 2023.05.6, 2023.11.5 stored XSS via issue tracker integration was possible
network
low complexity
jetbrains CWE-79
5.4
2024-05-29 CVE-2024-36370 Cross-site Scripting vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2022.04.7, 2022.10.6, 2023.05.6, 2023.11.5 stored XSS via OAuth connection settings was possible
network
low complexity
jetbrains CWE-79
5.4
2024-05-16 CVE-2024-35300 Cross-site Scripting vulnerability in Jetbrains Teamcity 2024.03
In JetBrains TeamCity between 2024.03 and 2024.03.1 several stored XSS in the available updates page were possible
network
low complexity
jetbrains CWE-79
6.1
2024-05-16 CVE-2024-35301 Unspecified vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2024.03.1 commit status publisher didn't check project scope of the GitHub App token
network
low complexity
jetbrains
5.5
2024-05-16 CVE-2024-35302 Cross-site Scripting vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2023.11 stored XSS during restore from backup was possible
network
low complexity
jetbrains CWE-79
6.1