CVE-2020-15829
- EPSS 0%
- Published 08.08.2020 21:15:11
- Last modified 21.11.2024 05:06:16
In JetBrains TeamCity before 2019.2.3, password parameters could be disclosed via build logs.
CVE-2020-15830
- EPSS 0.01%
- Published 08.08.2020 21:15:11
- Last modified 21.11.2024 05:06:16
JetBrains TeamCity before 2019.2.3 is vulnerable to stored XSS in the administration UI.
CVE-2020-15831
- EPSS 0.01%
- Published 08.08.2020 21:15:11
- Last modified 21.11.2024 05:06:16
JetBrains TeamCity before 2019.2.3 is vulnerable to reflected XSS in the administration UI.
CVE-2020-11938
- EPSS 0%
- Published 22.04.2020 14:15:13
- Last modified 21.11.2024 04:58:56
In JetBrains TeamCity 2018.2 through 2019.2.1, a project administrator was able to see scrambled password parameters used in a project. The issue was resolved in 2019.2.2.
- EPSS 0%
- Published 22.04.2020 14:15:12
- Last modified 21.11.2024 04:58:24
In JetBrains TeamCity before 2019.1.4, a project administrator was able to retrieve some TeamCity server settings.
CVE-2020-11687
- EPSS 0%
- Published 22.04.2020 14:15:12
- Last modified 21.11.2024 04:58:24
In JetBrains TeamCity before 2019.2.2, password values were shown in an unmasked format on several pages.
CVE-2020-11688
- EPSS 0.01%
- Published 22.04.2020 14:15:12
- Last modified 21.11.2024 04:58:24
In JetBrains TeamCity before 2019.2.1, the application state is kept alive after a user ends his session.
CVE-2020-11689
- EPSS 0%
- Published 22.04.2020 14:15:12
- Last modified 21.11.2024 04:58:24
In JetBrains TeamCity before 2019.2.1, a user without appropriate permissions was able to import settings from the settings.kts file.
CVE-2020-7910
- EPSS 0.01%
- Published 30.01.2020 18:15:12
- Last modified 21.11.2024 05:37:59
JetBrains TeamCity before 2019.2 was vulnerable to a stored XSS attack by a user with the developer role.
CVE-2020-7911
- EPSS 0.01%
- Published 30.01.2020 18:15:12
- Last modified 21.11.2024 05:37:59
In JetBrains TeamCity before 2019.2, several user-level pages were vulnerable to XSS.