CVE-2024-47950
- EPSS 0.05%
- Published 08.10.2024 16:15:12
- Last modified 11.10.2024 19:57:16
In JetBrains TeamCity before 2024.07.3 stored XSS was possible in Backup configuration settings
CVE-2024-43807
- EPSS 22.09%
- Published 16.08.2024 15:15:29
- Last modified 19.08.2024 21:09:42
In JetBrains TeamCity before 2024.07.1 multiple stored XSS was possible on Clouds page
CVE-2024-43808
- EPSS 1.28%
- Published 16.08.2024 15:15:29
- Last modified 19.08.2024 21:10:14
In JetBrains TeamCity before 2024.07.1 self XSS was possible in the HashiCorp Vault plugin
CVE-2024-43809
- EPSS 0.07%
- Published 16.08.2024 15:15:29
- Last modified 19.08.2024 21:11:28
In JetBrains TeamCity before 2024.07.1 reflected XSS was possible on the agentPushPreset page
CVE-2024-43810
- EPSS 20.92%
- Published 16.08.2024 15:15:29
- Last modified 19.08.2024 21:11:45
In JetBrains TeamCity before 2024.07.1 reflected XSS was possible in the AWS Core plugin
CVE-2024-43114
- EPSS 0.01%
- Published 06.08.2024 13:15:56
- Last modified 11.09.2024 19:11:11
In JetBrains TeamCity before 2024.07.1 possible privilege escalation due to incorrect directory permissions
CVE-2024-41827
- EPSS 0.01%
- Published 22.07.2024 15:15:05
- Last modified 21.11.2024 09:33:08
In JetBrains TeamCity before 2024.07 access tokens could continue working after deletion or expiration
CVE-2024-41828
- EPSS 0.01%
- Published 22.07.2024 15:15:05
- Last modified 21.11.2024 09:33:09
In JetBrains TeamCity before 2024.07 comparison of authorization tokens took non-constant time
CVE-2024-41829
- EPSS 0%
- Published 22.07.2024 15:15:05
- Last modified 21.11.2024 09:33:09
In JetBrains TeamCity before 2024.07 an OAuth code for JetBrains Space could be stolen via Space Application connection
CVE-2024-41824
- EPSS 0.01%
- Published 22.07.2024 15:15:04
- Last modified 21.11.2024 09:33:08
In JetBrains TeamCity before 2024.07 parameters of the "password" type could leak into the build log in some specific cases