JetBrains ≫ Teamcity

In JetBrains TeamCity before 2023.05.3 reflected XSS was possible during copying Build Step

In JetBrains TeamCity before 2023.05.3 reflected XSS was possible during user registration

In JetBrains TeamCity before 2023.05.2 a token with limited permissions could be used to gain full account access

In JetBrains TeamCity before 2023.05.2 a ReDoS attack was possible via integration with issue trackers

In JetBrains TeamCity before 2023.05.2 reflected XSS via GitHub integration was possible

In JetBrains TeamCity before 2023.05.1 stored XSS when using a custom theme was possible

In JetBrains TeamCity before 2023.05.1 parameters of the "password" type could be shown in the UI in certain composite build configurations

In JetBrains TeamCity before 2023.05.1 stored XSS while running custom builds was possible

In JetBrains TeamCity before 2023.05.1 build chain parameters of the "password" type could be written to the agent log

In JetBrains TeamCity before 2023.05.1 stored XSS while viewing the build log was possible