JetBrains ≫ Teamcity

In JetBrains TeamCity before 2025.03.1 stored XSS was possible on Data Directory tab

In JetBrains TeamCity before 2025.03.1 base64-encoded credentials could be exposed in build logs

In JetBrains TeamCity before 2025.03.1 improper path validation in loggingPreset parameter was possible

In JetBrains TeamCity before 2025.03 stored XSS was possible on Cloud Profiles page

In JetBrains TeamCity before 2025.03 exception could lead to credential leakage on Cloud Profiles page

In JetBrains TeamCity before 2025.03 base64 encoded password could be exposed in build log

In JetBrains TeamCity before 2024.12.2 improper Kubernetes connection settings could expose sensitive resources

In JetBrains TeamCity before 2024.12.2 several DOM-based XSS were possible on the Code Inspection Report tab

In JetBrains TeamCity before 2024.12.1 improper access control allowed to see Projects’ names in the agent pool

In JetBrains TeamCity before 2024.12.1 decryption of connection secrets without proper permissions was possible via Test Connection endpoint