Vulnerabilities > Jetbrains > Teamcity > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-08-06 | CVE-2021-37547 | Unspecified vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2020.2.4, insufficient checks during file uploading were made. | 5.0 |
2021-08-06 | CVE-2021-37548 | Cleartext Storage of Sensitive Information vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2021.1, passwords in cleartext sometimes could be stored in VCS. | 5.0 |
2021-05-11 | CVE-2021-31910 | Server-Side Request Forgery (SSRF) vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2020.2.3, information disclosure via SSRF was possible. | 5.0 |
2021-05-11 | CVE-2021-31911 | Cross-site Scripting vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2020.2.3, reflected XSS was possible on several pages. | 4.3 |
2021-05-11 | CVE-2021-31912 | Weak Password Recovery Mechanism for Forgotten Password vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2020.2.3, account takeover was potentially possible during a password reset. | 6.8 |
2021-05-11 | CVE-2021-31913 | Improper Validation of Integrity Check Value vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2020.2.3, insufficient checks of the redirect_uri were made during GitHub SSO token exchange. | 5.0 |
2021-05-11 | CVE-2021-26310 | Unspecified vulnerability in Jetbrains Teamcity In the TeamCity IntelliJ plugin before 2020.2.2.85899, DoS was possible. | 5.0 |
2021-05-11 | CVE-2021-31904 | Cross-site Scripting vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2020.2.2, XSS was potentially possible on the test history page. | 4.3 |
2021-05-11 | CVE-2021-31906 | Unspecified vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2020.2.2, audit logs were not sufficient when an administrator uploaded a file. | 4.0 |
2021-05-11 | CVE-2021-31907 | Incorrect Permission Assignment for Critical Resource vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2020.2.2, permission checks for changing TeamCity plugins were implemented improperly. | 5.0 |