9 matches found
CVE-2024-56351
In JetBrains TeamCity before 2024.12 access tokens were not revoked after removing user roles
CVE-2024-56352
In JetBrains TeamCity before 2024.12 stored XSS was possible via image name on the agent details page
CVE-2024-56348
In JetBrains TeamCity before 2024.12 improper access control allowed viewing details of unauthorized agents
CVE-2024-56350
In JetBrains TeamCity before 2024.12 build credentials allowed unauthorized viewing of projects
CVE-2024-56354
In JetBrains TeamCity before 2024.12 password field value were accessible to users with view settings permission
CVE-2024-56355
In JetBrains TeamCity before 2024.12 missing Content-Type header in RemoteBuildLogController response could lead to XSS
CVE-2024-56356
In JetBrains TeamCity before 2024.12 insecure XMLParser configuration could lead to potential XXE attack
CVE-2024-56353
In JetBrains TeamCity before 2024.12 backup file exposed user credentials and session cookies
CVE-2024-56349
In JetBrains TeamCity before 2024.12 improper access control allowed unauthorized users to modify build logs