In JetBrains TeamCity 2018.2 through 2019.2.1, a project administrator was able to see scrambled password parameters used in a project. The issue was resolved in...
4.9CVSS
5.1AI Score
0.001EPSS
In JetBrains TeamCity before 2019.2.1, a user without appropriate permissions was able to import settings from the settings.kts...
6.5CVSS
6.3AI Score
0.001EPSS
In JetBrains TeamCity before 2019.2.2, password values were shown in an unmasked format on several...
7.5CVSS
7.6AI Score
0.002EPSS
In JetBrains TeamCity before 2019.2.1, the application state is kept alive after a user ends his...
7.5CVSS
7.5AI Score
0.001EPSS
In JetBrains TeamCity before 2019.1.4, a project administrator was able to retrieve some TeamCity server...
2.7CVSS
4AI Score
0.001EPSS
JetBrains TeamCity before 2019.2 was vulnerable to a stored XSS attack by a user with the developer...
5.4CVSS
5.1AI Score
0.001EPSS
6.1CVSS
6.2AI Score
0.001EPSS
In JetBrains TeamCity before 2019.1.5, reverse tabnabbing was possible on several...
4.3CVSS
4.7AI Score
0.001EPSS
In JetBrains TeamCity before 2019.1.5, some server-stored passwords could be shown via the web...
7.5CVSS
7.5AI Score
0.002EPSS
In JetBrains TeamCity before 2019.1.2, a non-destructive operation could be performed by a user without the corresponding...
5.3CVSS
5.2AI Score
0.001EPSS
In JetBrains TeamCity before 2019.1.2, secure values could be exposed to users with the "View build runtime parameters and data"...
5.3CVSS
5.2AI Score
0.001EPSS
In JetBrains TeamCity before 2019.1.4, reverse tabnabbing was possible on several...
4.3CVSS
4.7AI Score
0.001EPSS
In JetBrains TeamCity before 2019.1.4, insecure Java Deserialization could potentially allow remote code...
9.8CVSS
9.7AI Score
0.013EPSS
In JetBrains TeamCity before 2019.1.2, access could be gained to the history of builds of a deleted build configuration under some...
5.3CVSS
5.2AI Score
0.001EPSS
An issue was discovered in JetBrains TeamCity 2018.2.4. It had several XSS vulnerabilities on the settings pages. The issues were fixed in TeamCity...
6.1CVSS
6.1AI Score
0.001EPSS
An issue was discovered in JetBrains TeamCity 2018.2.4. A TeamCity Project administrator could execute any command on the server machine. The issue was fixed in TeamCity 2018.2.5 and...
7.2CVSS
7.1AI Score
0.002EPSS
In JetBrains UpSource versions before 2018.2 build 1293, there is credential disclosure via RPC...
9.8CVSS
9.2AI Score
0.002EPSS
An issue was discovered in JetBrains TeamCity 2018.2.4. A TeamCity Project administrator could get access to potentially confidential server-level data. The issue was fixed in TeamCity 2018.2.5 and...
4.9CVSS
5AI Score
0.001EPSS
An issue was discovered in JetBrains TeamCity 2018.2.4. It had no SSL certificate validation for some external https connections. This was fixed in TeamCity...
7.5CVSS
7.5AI Score
0.001EPSS
An issue was discovered in JetBrains TeamCity 2018.2.4. The TeamCity server was not using some security-related HTTP headers. The issue was fixed in TeamCity...
7.5CVSS
7.5AI Score
0.001EPSS
An issue was discovered in JetBrains TeamCity 2018.2.4. It had a possible remote code execution issue. This was fixed in TeamCity...
9.8CVSS
9.6AI Score
0.169EPSS
JetBrains TeamCity 2019.1 and 2019.1.1 allows cross-site scripting (XSS), potentially making it possible to send an arbitrary HTTP request to a TeamCity server under the name of the currently logged-in...
6.1CVSS
6AI Score
0.001EPSS
A user without the required permissions could gain access to some JetBrains TeamCity settings. The issue was fixed in TeamCity...
4.3CVSS
4.7AI Score
0.001EPSS
A possible stored JavaScript injection was detected on one of the JetBrains TeamCity pages. The issue was fixed in TeamCity...
6.1CVSS
6.3AI Score
0.001EPSS
A reflected XSS on a user page was detected on one of the JetBrains TeamCity pages. The issue was fixed in TeamCity...
6.1CVSS
5.9AI Score
0.001EPSS
A possible stored JavaScript injection requiring a deliberate server administrator action was detected. The issue was fixed in JetBrains TeamCity...
6.1CVSS
6.3AI Score
0.001EPSS
Incorrect handling of user input in ZIP extraction was detected in JetBrains TeamCity. The issue was fixed in TeamCity...
7.5CVSS
7.5AI Score
0.001EPSS
The generated Kotlin DSL settings allowed usage of an unencrypted connection for resolving artifacts. The issue was fixed in JetBrains TeamCity...
5.3CVSS
5.3AI Score
0.001EPSS
Cross-site scripting (XSS) vulnerability in JetBrains TeamCity before 8.1 allows remote attackers to inject arbitrary web script or HTML via the cameFromUrl parameter to...
5.9AI Score
0.002EPSS