Lucene search
China National Vulnerability DatabaseCNVD-2023-62629HistoryJul 14, 2023 - 12:00 a.m.
JetBrains TeamCity Cross-Site Scripting Vulnerability (CNVD-2023-62629)
2023-07-1400:00:00
China National Vulnerability Database
www.cnvd.org.cn
7
jetbrains
teamcity
cross-site scripting
vulnerability
authentication
validation
build management
0.0005 Low
EPSS
Percentile
18.0%
JetBrains TeamCity is a set of distributed build management and continuous integration tools from the Czech company JetBrains. The tool provides continuous unit testing, code quality analysis and build problem analysis reports and other features. A cross-site scripting vulnerability exists in JetBrains TeamCity versions prior to 2023.05.1 due to incorrect validation of user-supplied input by the build log. An attacker could use this vulnerability to steal the victim’s cookie-based authentication credentials.
| CPE | Name | Operator | Version |
|---|---|---|---|
| jetbrains teamcity | lt | 2023.05.1 |
Related
cve
cve
CVE-2023-38065
2023-07-12 13:15:09
prion
prion
Cross site scripting
2023-07-12 13:15:00
cvelist
cvelist
CVE-2023-38065
2023-07-12 12:48:21
nvd
nvd
CVE-2023-38065
2023-07-12 13:15:09
nessus
nessus
TeamCity Server < 2023.05.1 Multiple Vulnerabilities
2023-09-29 00:00:00