Vulnerabilities > Jetbrains > Teamcity > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-05-20 | CVE-2025-47851 | Cross-site Scripting vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2025.03.2 stored XSS via GitHub Checks Webhook was possible | 5.4 |
| 2025-05-20 | CVE-2025-47852 | Cross-site Scripting vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2025.03.2 stored XSS via YouTrack integration was possible | 5.4 |
| 2025-05-20 | CVE-2025-47853 | Cross-site Scripting vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2025.03.2 stored XSS via Jira integration was possible | 5.4 |
| 2025-05-20 | CVE-2025-47854 | Open Redirect vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2025.03.2 open redirect was possible on editing VCS Root page | 6.1 |
| 2025-04-25 | CVE-2025-46432 | Information Exposure Through Log Files vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2025.03.1 base64-encoded credentials could be exposed in build logs | 6.5 |
| 2025-04-25 | CVE-2025-46618 | Cross-site Scripting vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2025.03.1 stored XSS was possible on Data Directory tab | 6.1 |
| 2025-03-27 | CVE-2025-31139 | Information Exposure Through Log Files vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2025.03 base64 encoded password could be exposed in build log | 6.5 |
| 2025-03-27 | CVE-2025-31140 | Cross-site Scripting vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2025.03 stored XSS was possible on Cloud Profiles page | 6.1 |
| 2025-02-11 | CVE-2025-26493 | Cross-site Scripting vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2024.12.2 several DOM-based XSS were possible on the Code Inspection Report tab | 6.1 |
| 2025-01-21 | CVE-2025-24459 | Cross-site Scripting vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2024.12.1 reflected XSS was possible on the Vault Connection page | 6.1 |