CVE-2024-24936
- EPSS 0%
- Published 06.02.2024 10:15:09
- Last modified 21.11.2024 09:00:00
In JetBrains TeamCity before 2023.11.2 access control at the S3 Artifact Storage plugin endpoint was missed
CVE-2024-24937
- EPSS 23.73%
- Published 06.02.2024 10:15:09
- Last modified 21.11.2024 09:00:00
In JetBrains TeamCity before 2023.11.2 stored XSS via agent distribution was possible
CVE-2023-50870
- EPSS 0.01%
- Published 15.12.2023 14:15:15
- Last modified 21.11.2024 08:37:26
In JetBrains TeamCity before 2023.11.1 a CSRF on login was possible
CVE-2023-42793
- EPSS 92.91%
- Published 19.09.2023 17:15:08
- Last modified 10.03.2025 20:32:11
In JetBrains TeamCity before 2023.05.4 authentication bypass leading to RCE on TeamCity Server was possible
CVE-2023-43566
- EPSS 0.02%
- Published 19.09.2023 17:15:08
- Last modified 21.11.2024 08:24:22
In JetBrains TeamCity before 2023.05.4 stored XSS was possible during nodes configuration
CVE-2023-41248
- EPSS 0.04%
- Published 25.08.2023 13:15:07
- Last modified 21.11.2024 08:20:54
In JetBrains TeamCity before 2023.05.3 stored XSS was possible during Cloud Profiles configuration
CVE-2023-41249
- EPSS 3.14%
- Published 25.08.2023 13:15:07
- Last modified 21.11.2024 08:20:54
In JetBrains TeamCity before 2023.05.3 reflected XSS was possible during copying Build Step
CVE-2023-41250
- EPSS 0.04%
- Published 25.08.2023 13:15:07
- Last modified 21.11.2024 08:20:54
In JetBrains TeamCity before 2023.05.3 reflected XSS was possible during user registration
CVE-2023-39173
- EPSS 0%
- Published 25.07.2023 15:15:13
- Last modified 21.11.2024 08:14:51
In JetBrains TeamCity before 2023.05.2 a token with limited permissions could be used to gain full account access
CVE-2023-39174
- EPSS 0%
- Published 25.07.2023 15:15:13
- Last modified 21.11.2024 08:14:51
In JetBrains TeamCity before 2023.05.2 a ReDoS attack was possible via integration with issue trackers