4709 matches found
JetBrains TeamCity > 2023.11.3 - Authentication Bypass
In JetBrains TeamCity before 2023.11.3 authentication bypass leading to RCE was possible id: CVE-2024-23917 info: name: JetBrains TeamCity 2023.11.3 - Authentication Bypass author: iamnoooob,rootxharsh,pdresearch severity: critical description: | In JetBrains TeamCity before 2023.11.3...
CVE-2026-61492
In JetBrains YouTrack before 2026.2.17394 stored XSS via article titles in digest emails was possible...
CVE-2026-59791
In JetBrains YouTrack before 2026.2.17012 cSS injection via Mermaid diagram rendering was possible...
CVE-2026-59794
In JetBrains TeamCity before 2026.1.2 stored XSS on the cloud profile page was possible via agent-reported data...
CVE-2026-59792
In JetBrains IntelliJ IDEA before 2026.1.4, 2026.2 code execution via path traversal in project workspace ID handling was possible...
CVE-2026-59795
In JetBrains TeamCity before 2026.1.2 stored XSS via unauthenticated agent registration was possible...
CVE-2026-59796
In JetBrains TeamCity before 2026.1.2 pipeline modification was possible due to improper permission checks...
EUVD-2026-42915
In JetBrains YouTrack before 2026.2.17394 stored XSS via article titles in digest emails was possible...
CVE-2026-61492
In JetBrains YouTrack before 2026.2.17394 stored XSS via article titles in digest emails was possible...
CVE-2026-61492
The provided connected documents identify a concrete vulnerability in JetBrains YouTrack: stored XSS via article titles in digest emails, affecting versions prior to 2026.2.17394. The exact root cause is not detailed beyond this description, and there are no explicit exploit details or remediatio...
CVE-2026-59796
In JetBrains TeamCity before 2026.1.2 pipeline modification was possible due to improper permission checks...
EUVD-2026-42913
In JetBrains TeamCity before 2026.1.2 stored XSS via unauthenticated agent registration was possible...
CVE-2026-59796
CVE-2026-59796 affects JetBrains TeamCity prior to 2026.1.2. The issue arises from improper permission checks that could allow pipeline modification. Documented impact is pipeline modification with high impact on confidentiality and integrity (per CVSS 3.1: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N). N...
CVE-2026-59794
In JetBrains TeamCity before 2026.1.2 stored XSS on the cloud profile page was possible via agent-reported data...
CVE-2026-59794
JetBrains TeamCity (pre-2026.1.2) is affected by a stored XSS on the cloud profile page due to agent-reported data. The issue enables an attacker with low privileges and network access to trigger a stored XSS that can impact user confidentiality and integrity, with user interaction required. The ...
EUVD-2026-42912
In JetBrains TeamCity before 2026.1.2 stored XSS on the cloud profile page was possible via agent-reported data...
CVE-2026-59792
In JetBrains IntelliJ IDEA before 2026.1.4, 2026.2 code execution via path traversal in project workspace ID handling was possible...
EUVD-2026-42910
In JetBrains IntelliJ IDEA before 2026.1.4, 2026.2 code execution via path traversal in project workspace ID handling was possible...
EUVD-2026-42911
In JetBrains TeamCity before 2026.1.2 arbitrary file access was possible via the Perforce VCS integration...
CVE-2026-59793
CVE-2026-59793 affects JetBrains TeamCity prior to version 2026.1.2. The issue allows arbitrary file access via the Perforce VCS integration, due to the Perforce VCS integration component. Impact is described as high for confidentiality, integrity, and availability. The CVSS vector indicates netw...