Filtered by vendor Jetbrains Subscriptions
Filtered by product Teamcity Subscriptions
Total 168 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2020-15831 1 Jetbrains 1 Teamcity 2024-08-04 6.1 Medium
JetBrains TeamCity before 2019.2.3 is vulnerable to reflected XSS in the administration UI.
CVE-2020-15829 1 Jetbrains 1 Teamcity 2024-08-04 5.3 Medium
In JetBrains TeamCity before 2019.2.3, password parameters could be disclosed via build logs.
CVE-2020-15830 1 Jetbrains 1 Teamcity 2024-08-04 6.1 Medium
JetBrains TeamCity before 2019.2.3 is vulnerable to stored XSS in the administration UI.
CVE-2020-15826 1 Jetbrains 1 Teamcity 2024-08-04 4.3 Medium
In JetBrains TeamCity before 2020.1, users are able to assign more permissions than they have.
CVE-2020-15825 1 Jetbrains 1 Teamcity 2024-08-04 8.8 High
In JetBrains TeamCity before 2020.1, users with the Modify Group permission can elevate other users' privileges.
CVE-2020-15828 1 Jetbrains 1 Teamcity 2024-08-04 6.5 Medium
In JetBrains TeamCity before 2020.1.1, project parameter values can be retrieved by a user without appropriate permissions.
CVE-2020-11938 1 Jetbrains 1 Teamcity 2024-08-04 4.9 Medium
In JetBrains TeamCity 2018.2 through 2019.2.1, a project administrator was able to see scrambled password parameters used in a project. The issue was resolved in 2019.2.2.
CVE-2020-11689 1 Jetbrains 1 Teamcity 2024-08-04 6.5 Medium
In JetBrains TeamCity before 2019.2.1, a user without appropriate permissions was able to import settings from the settings.kts file.
CVE-2020-11687 1 Jetbrains 1 Teamcity 2024-08-04 7.5 High
In JetBrains TeamCity before 2019.2.2, password values were shown in an unmasked format on several pages.
CVE-2020-11686 1 Jetbrains 1 Teamcity 2024-08-04 2.7 Low
In JetBrains TeamCity before 2019.1.4, a project administrator was able to retrieve some TeamCity server settings.
CVE-2020-11688 1 Jetbrains 1 Teamcity 2024-08-04 7.5 High
In JetBrains TeamCity before 2019.2.1, the application state is kept alive after a user ends his session.
CVE-2020-7908 1 Jetbrains 1 Teamcity 2024-08-04 4.3 Medium
In JetBrains TeamCity before 2019.1.5, reverse tabnabbing was possible on several pages.
CVE-2020-7910 1 Jetbrains 1 Teamcity 2024-08-04 5.4 Medium
JetBrains TeamCity before 2019.2 was vulnerable to a stored XSS attack by a user with the developer role.
CVE-2020-7911 1 Jetbrains 1 Teamcity 2024-08-04 6.1 Medium
In JetBrains TeamCity before 2019.2, several user-level pages were vulnerable to XSS.
CVE-2020-7909 1 Jetbrains 1 Teamcity 2024-08-04 7.5 High
In JetBrains TeamCity before 2019.1.5, some server-stored passwords could be shown via the web UI.
CVE-2021-43194 1 Jetbrains 1 Teamcity 2024-08-04 5.3 Medium
In JetBrains TeamCity before 2021.1.2, user enumeration was possible.
CVE-2021-43198 1 Jetbrains 1 Teamcity 2024-08-04 5.4 Medium
In JetBrains TeamCity before 2021.1.2, stored XSS is possible.
CVE-2021-43196 1 Jetbrains 1 Teamcity 2024-08-04 7.5 High
In JetBrains TeamCity before 2021.1, information disclosure via the Docker Registry connection dialog is possible.
CVE-2021-43201 1 Jetbrains 1 Teamcity 2024-08-04 5.3 Medium
In JetBrains TeamCity before 2021.1.3, a newly created project could take settings from an already deleted project.
CVE-2021-43202 1 Jetbrains 1 Teamcity 2024-08-04 9.8 Critical
In JetBrains TeamCity before 2021.1.3, the X-Frame-Options header is missing in some cases.