3 matches found
Exploit for Server-Side Request Forgery in Jetbrains Teamcity
TeamCity IntelliJ IDEA Plugin credential interception CVE-20...
CVE-2020-35667
JetBrains TeamCity Plugin before 2020.2.85695 SSRF. Vulnerability that could potentially expose user credentials...
CVE-2020-35667
CVE-2020-35667 is an SSRF issue in the JetBrains TeamCity IntelliJ IDEA plugin prior to 2020.2.85695. The vulnerability allows an attacker-controlled endpoint to intercept credentials during plugin login via XML-RPC interactions. A GitHub PoC demonstrates credential interception by building a fak...