CVE-2023-34229
- EPSS 0.08%
- Published 31.05.2023 14:15:10
- Last modified 21.11.2024 08:06:48
In JetBrains TeamCity before 2023.05 stored XSS in GitLab Connection page was possible
CVE-2022-48427
- EPSS 0.07%
- Published 27.03.2023 17:15:09
- Last modified 21.11.2024 07:33:19
In JetBrains TeamCity before 2022.10.3 stored XSS on “Pending changes” and “Changes” tabs was possible
CVE-2022-48428
- EPSS 5.66%
- Published 27.03.2023 17:15:09
- Last modified 21.11.2024 07:33:19
In JetBrains TeamCity before 2022.10.3 stored XSS on the SSH keys page was possible
CVE-2022-48426
- EPSS 0.07%
- Published 27.03.2023 16:15:07
- Last modified 21.11.2024 07:33:19
In JetBrains TeamCity before 2022.10.3 stored XSS in Perforce connection settings was possible
CVE-2022-48342
- EPSS 0%
- Published 23.02.2023 16:15:11
- Last modified 21.11.2024 07:33:12
In JetBrains TeamCity before 2022.10.2 jVMTI was enabled by default on agents.
CVE-2022-48343
- EPSS 5.2%
- Published 23.02.2023 16:15:11
- Last modified 21.11.2024 07:33:12
In JetBrains TeamCity before 2022.10.2 there was an XSS vulnerability in the user creation process.
CVE-2022-48344
- EPSS 0.07%
- Published 23.02.2023 16:15:11
- Last modified 21.11.2024 07:33:12
In JetBrains TeamCity before 2022.10.2 there was an XSS vulnerability in the group creation process.
CVE-2022-46830
- EPSS 0%
- Published 08.12.2022 18:15:10
- Last modified 21.11.2024 07:31:08
In JetBrains TeamCity between 2022.10 and 2022.10.1 a custom STS endpoint allowed internal port scanning.
CVE-2022-46831
- EPSS 0%
- Published 08.12.2022 18:15:10
- Last modified 21.11.2024 07:31:08
In JetBrains TeamCity between 2022.10 and 2022.10.1 connecting to AWS using the "Default Credential Provider Chain" allowed TeamCity project administrators to access AWS resources normally limited to TeamCity system administrators.
CVE-2022-44646
- EPSS 0%
- Published 03.11.2022 14:15:36
- Last modified 21.11.2024 07:28:15
In JetBrains TeamCity version before 2022.10, no audit items were added upon editing a user's settings