Vulnerabilities > Jetbrains > Teamcity > Medium

DATE CVE VULNERABILITY TITLE RISK
2021-05-11 CVE-2021-3315 Cross-site Scripting vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2020.2.2, stored XSS on a tests page was possible.
network
low complexity
jetbrains CWE-79
5.4
5.4
2021-02-03 CVE-2021-25778 Unspecified vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2020.2.1, permissions during user deletion were checked improperly.
network
low complexity
jetbrains
5.3
5.3
2021-02-03 CVE-2021-25777 Incorrect Authorization vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2020.2.1, permissions during token removal were checked improperly.
network
low complexity
jetbrains CWE-863
5.3
5.3
2021-02-03 CVE-2021-25774 Incorrect Authorization vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2020.2.1, a user could get access to the GitHub access token of another user.
network
low complexity
jetbrains CWE-863
4.3
4.3
2021-02-03 CVE-2021-25773 Cross-site Scripting vulnerability in Jetbrains Teamcity
JetBrains TeamCity before 2020.2 was vulnerable to reflected XSS on several pages.
network
low complexity
jetbrains CWE-79
6.1
6.1
2021-02-03 CVE-2021-25772 Unspecified vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2020.2.2, TeamCity server DoS was possible via server integration.
network
low complexity
jetbrains
5.3
5.3
2020-11-16 CVE-2020-27627 Injection vulnerability in Jetbrains Teamcity
JetBrains TeamCity before 2020.1.2 was vulnerable to URL injection.
network
low complexity
jetbrains CWE-74
6.1
6.1
2020-11-16 CVE-2020-27629 Unspecified vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2020.1.5, secure dependency parameters could be not masked in depending builds when there are no internal artifacts.
network
low complexity
jetbrains
5.3
5.3
2020-11-16 CVE-2020-27628 Unspecified vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2020.1.5, the Guest user had access to audit records.
network
low complexity
jetbrains
4.3
4.3
2020-08-08 CVE-2020-15831 Cross-site Scripting vulnerability in Jetbrains Teamcity
JetBrains TeamCity before 2019.2.3 is vulnerable to reflected XSS in the administration UI.
network
low complexity
jetbrains CWE-79
6.1
6.1