Teamcity
Sign in to watchby Jetbrains
Source repositories
CVEs (166)
| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-27199 | Hig | 0.73 | 7.3 | 0.91 | KEV | Mar 4, 2024 | In JetBrains TeamCity before 2023.11.4 path traversal allowing to perform limited admin actions was possible |
| CVE-2024-27198 | 0.28 | — | 0.93 | KEV | Mar 4, 2024 | In JetBrains TeamCity before 2023.11.4 authentication bypass allowing to perform admin actions was possible | |
| CVE-2023-42793 | 0.28 | — | 0.93 | KEV | Sep 19, 2023 | In JetBrains TeamCity before 2023.05.4 authentication bypass leading to RCE on TeamCity Server was possible | |
| CVE-2024-23917 | 0.06 | — | 0.73 | Feb 6, 2024 | In JetBrains TeamCity before 2023.11.3 authentication bypass leading to RCE was possible | ||
| CVE-2024-43810 | 0.04 | — | 0.48 | Aug 16, 2024 | In JetBrains TeamCity before 2024.07.1 reflected XSS was possible in the AWS Core plugin | ||
| CVE-2024-41825 | 0.04 | — | 0.56 | Jul 22, 2024 | In JetBrains TeamCity before 2024.07 stored XSS was possible on the Code Inspection tab | ||
| CVE-2024-36374 | 0.04 | — | 0.46 | May 29, 2024 | In JetBrains TeamCity before 2024.03.2 stored XSS via build step settings was possible | ||
| CVE-2024-36373 | 0.04 | — | 0.56 | May 29, 2024 | In JetBrains TeamCity before 2024.03.2 several stored XSS in untrusted builds settings were possible | ||
| CVE-2024-36371 | 0.04 | — | 0.55 | May 29, 2024 | In JetBrains TeamCity before 2023.05.6, 2023.11.5 stored XSS in Commit status publisher was possible | ||
| CVE-2024-36370 | 0.04 | — | 0.46 | May 29, 2024 | In JetBrains TeamCity before 2022.04.7, 2022.10.6, 2023.05.6, 2023.11.5 stored XSS via OAuth connection settings was possible | ||
| CVE-2024-36369 | 0.04 | — | 0.56 | May 29, 2024 | In JetBrains TeamCity before 2022.04.7, 2022.10.6, 2023.05.6, 2023.11.5 stored XSS via issue tracker integration was possible | ||
| CVE-2024-36363 | 0.04 | — | 0.56 | May 29, 2024 | In JetBrains TeamCity before 2022.04.7, 2022.10.6, 2023.05.6, 2023.11.5 several Stored XSS in code inspection reports were possible | ||
| CVE-2024-35302 | 0.04 | — | 0.47 | May 16, 2024 | In JetBrains TeamCity before 2023.11 stored XSS during restore from backup was possible | ||
| CVE-2024-56355 | 0.03 | — | 0.34 | Dec 20, 2024 | In JetBrains TeamCity before 2024.12 missing Content-Type header in RemoteBuildLogController response could lead to XSS | ||
| CVE-2024-56352 | 0.03 | — | 0.34 | Dec 20, 2024 | In JetBrains TeamCity before 2024.12 stored XSS was possible via image name on the agent details page | ||
| CVE-2024-43807 | 0.03 | — | 0.43 | Aug 16, 2024 | In JetBrains TeamCity before 2024.07.1 multiple stored XSS was possible on Clouds page | ||
| CVE-2024-36366 | 0.03 | — | 0.38 | May 29, 2024 | In JetBrains TeamCity before 2022.04.7, 2022.10.6, 2023.05.6, 2023.11.5 an XSS could be executed via certain report grouping and filtering operations | ||
| CVE-2025-31140 | 0.02 | — | 0.30 | Mar 27, 2025 | In JetBrains TeamCity before 2025.03 stored XSS was possible on Cloud Profiles page | ||
| CVE-2025-24459 | 0.02 | — | 0.22 | Jan 21, 2025 | In JetBrains TeamCity before 2024.12.1 reflected XSS was possible on the Vault Connection page | ||
| CVE-2024-36372 | 0.02 | — | 0.22 | May 29, 2024 | In JetBrains TeamCity before 2023.05.6 reflected XSS on the subscriptions page was possible |
Page 1 of 9