CVE-2024-53961

ColdFusion versions 2023.11, 2021.17 and earlier are affected by an Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability that could lead to arbitrary file system read. An attacker could exploit this vulnerability to access files or directories that are outsid...

CVE-2024-35302

In JetBrains TeamCity before 2023.11 stored XSS during restore from backup was possible...

CVE-2024-35302

CVE-2024-35302 describes a stored cross-site scripting (XSS) vulnerability in JetBrains TeamCity where, prior to version 2023.11, an XSS payload could be stored during the backup restore process. The root cause is an insufficient sanitization/handling of input during restoration, allowing injecte...

PT-2024-3981 · Jetbrains · Teamcity

Name of the Vulnerable Software and Affected Versions: JetBrains TeamCity versions prior to 2023.11 Description: The issue is related to a stored XSS vulnerability during the restore from backup process. This could allow a remote attacker to conduct cross-site scripting attacks. The vulnerability...

PT-2024-2108 · Jetbrains · Teamcity

Name of the Vulnerable Software and Affected Versions: JetBrains TeamCity versions 2023.11 through 2023.11.4 Description: The issue is related to the disclosure of information during data transmission in the JetBrains TeamCity continuous integration and continuous delivery CI/CD system. This coul...