2699 matches found
JetBrains TeamCity > 2023.11.3 - Authentication Bypass
In JetBrains TeamCity before 2023.11.3 authentication bypass leading to RCE was possible id: CVE-2024-23917 info: name: JetBrains TeamCity 2023.11.3 - Authentication Bypass author: iamnoooob,rootxharsh,pdresearch severity: critical description: | In JetBrains TeamCity before 2023.11.3...
CVE-2026-59793
In JetBrains TeamCity before 2026.1.2 arbitrary file access was possible via the Perforce VCS integration...
CVE-2026-59794
In JetBrains TeamCity before 2026.1.2 stored XSS on the cloud profile page was possible via agent-reported data...
CVE-2026-59795
In JetBrains TeamCity before 2026.1.2 stored XSS via unauthenticated agent registration was possible...
CVE-2026-59796
In JetBrains TeamCity before 2026.1.2 pipeline modification was possible due to improper permission checks...
CVE-2026-59795
In JetBrains TeamCity before 2026.1.2 stored XSS via unauthenticated agent registration was possible...
EUVD-2026-42913
In JetBrains TeamCity before 2026.1.2 stored XSS via unauthenticated agent registration was possible...
EUVD-2026-42914
In JetBrains TeamCity before 2026.1.2 pipeline modification was possible due to improper permission checks...
CVE-2026-59795
CVE-2026-59795 affects JetBrains TeamCity prior to 2026.1.2. The vulnerability is a stored XSS via unauthenticated agent registration, enabling cross-site script execution under defined conditions. CVSSv3.1 base score 8.1 (HIGH) with network attack vector, low attack complexity, no privileges req...
CVE-2026-59796
CVE-2026-59796 affects JetBrains TeamCity prior to 2026.1.2. The issue arises from improper permission checks that could allow pipeline modification. Documented impact is pipeline modification with high impact on confidentiality and integrity (per CVSS 3.1: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N). N...
CVE-2026-59796
In JetBrains TeamCity before 2026.1.2 pipeline modification was possible due to improper permission checks...
EUVD-2026-42912
In JetBrains TeamCity before 2026.1.2 stored XSS on the cloud profile page was possible via agent-reported data...
CVE-2026-59794
JetBrains TeamCity (pre-2026.1.2) is affected by a stored XSS on the cloud profile page due to agent-reported data. The issue enables an attacker with low privileges and network access to trigger a stored XSS that can impact user confidentiality and integrity, with user interaction required. The ...
CVE-2026-59794
In JetBrains TeamCity before 2026.1.2 stored XSS on the cloud profile page was possible via agent-reported data...
EUVD-2026-42911
In JetBrains TeamCity before 2026.1.2 arbitrary file access was possible via the Perforce VCS integration...
CVE-2026-59793
CVE-2026-59793 affects JetBrains TeamCity prior to version 2026.1.2. The issue allows arbitrary file access via the Perforce VCS integration, due to the Perforce VCS integration component. Impact is described as high for confidentiality, integrity, and availability. The CVSS vector indicates netw...
CVE-2026-59793
In JetBrains TeamCity before 2026.1.2 arbitrary file access was possible via the Perforce VCS integration...
PT-2026-57185
Name of the Vulnerable Software and Affected Versions JetBrains TeamCity versions prior to 2026.1.2 Description Stored Cross-Site Scripting XSS is possible on the cloud profile page. This occurs when the application fails to properly sanitize data reported by agents, allowing an attacker to injec...
PT-2026-57186
Name of the Vulnerable Software and Affected Versions JetBrains TeamCity versions prior to 2026.1.2 Description Stored Cross-Site Scripting XSS is possible through the unauthenticated agent registration process. Stored XSS occurs when an application receives data from a user and includes that dat...
PT-2026-57187
Name of the Vulnerable Software and Affected Versions JetBrains TeamCity versions prior to 2026.1.2 Description Improper permission checks allow for unauthorized modification of pipelines. Recommendations Update to version 2026.1.2...