The host is installed with JetBrains TeamCity before 2023.05 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to handle the parameters of the "password" type. Successful exploitation allows attackers to login using the parameters of the "password" type from build dependencies.
The host is installed with JetBrains TeamCity before 2023.05 and is prone to a cross site scripting vulnerability. A flaw is present in the application, which fails to handle the Plugin Vendor URL. Successful exploitation allows attackers to cause cross site scripting.
The host is installed with JetBrains TeamCity before 2023.05 and is prone to a stored XSS vulnerability. A flaw is present in the application, which fails to handle the Show Connection page. Successful exploitation allows attackers to cause stored XSS.
The host is installed with JetBrains TeamCity before 2022.10.4 and is prone to a stored XSS vulnerability. A flaw is present in the application, which fails to handle the Commit Status Publisher window. Successful exploitation allows attackers to cause stored XSS.
The host is installed with JetBrains TeamCity before 2022.10.4 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to handle the improper permission checks. Successful exploitation allows attackers without appropriate permissions to edit Build Configuration settings via REST API.
The host is installed with JetBrains TeamCity before 2022.10.4 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to handle bypass of permission checks. Successful exploitation allows attackers to perform admin actions.
The host is installed with JetBrains TeamCity before 2023.05.3 and is prone to a reflected XSS vulnerability. A flaw is present in the application, which fails to handle issues during user registration. Successful exploitation allow attackers to cause reflected XSS.
The host is installed with JetBrains TeamCity before 2023.05.3 and is prone to a reflected XSS vulnerability. A flaw is present in the application, which fails to handle issues during copying Build Step. Successful exploitation allow attackers to cause reflected XSS.
The host is installed with JetBrains TeamCity before 2023.05.3 and is prone to a stored XSS vulnerability. A flaw is present in the application, which fails to handle issues during Cloud Profiles configuration. Successful exploitation allow attackers to cause stored XSS.
The host is installed with JetBrains TeamCity before 2023.05.4 and is prone to a stored XSS vulnerability. A flaw is present in the application, which fails to handle issues during nodes configuration. Successful exploitation allow attackers to cause stored XSS.