CVE-2024-24937

In JetBrains TeamCity before 2023.11.2 stored XSS via agent distribution was possible...

CVE-2024-24937

In JetBrains TeamCity before 2023.11.2 stored XSS via agent distribution was possible...

CVE-2024-24937

JetBrains TeamCity Server prior to 2023.11.2 is affected by a stored cross-site scripting (XSS) vulnerability stemming from agent distribution. The issue allows XSS through the agent distribution channel, as described in CVE-2024-24937 and corroborated by multiple sources referencing TeamCity’s p...

CVE-2024-24937

In JetBrains TeamCity before 2023.11.2 stored XSS via agent distribution was possible...

PT-2024-1520 · Jetbrains · Jetbrains Teamcity +1

Name of the Vulnerable Software and Affected Versions: JetBrains TeamCity versions 2017.1 through 2023.11.2 Description: The issue is related to an authentication bypass in JetBrains TeamCity, which can lead to remote code execution RCE. This allows an unauthenticated attacker with HTTPS access t...

PT-2024-20676 · Jetbrains · Teamcity

Name of the Vulnerable Software and Affected Versions: JetBrains TeamCity versions prior to 2023.11.2 Description: The issue allows for limited directory traversal in the Kotlin DSL documentation. Recommendations: For versions prior to 2023.11.2, update to version 2023.11.2 or later to resolve th...

PT-2024-20674 · Jetbrains · Teamcity

Name of the Vulnerable Software and Affected Versions: JetBrains TeamCity versions prior to 2023.11.2 Description: The issue is related to missing access control at the S3 Artifact Storage plugin endpoint. This could potentially allow unauthorized access. Recommendations: For versions prior to...