Vulnerabilidades en JetBrains
325 resultadosCVE-2024-27199HIGHIn JetBrains TeamCity before 2023.11.4 path traversal allowing to perform limited admin actions was possibleEPSS 100.0%KEVCVE-2023-42793CRITICALIn JetBrains TeamCity before 2023.05.4 authentication bypass leading to RCE on TeamCity Server was possibleEPSS 100.0%KEVCVE-2024-27198CRITICALIn JetBrains TeamCity before 2023.11.4 authentication bypass allowing to perform admin actions was possibleEPSS 99.9%KEVCVE-2024-31138MEDIUMIn JetBrains TeamCity before 2024.03 xSS was possible via Agent Distribution settingsEPSS 74.5%CVE-2022-48428MEDIUMIn JetBrains TeamCity before 2022.10.3 stored XSS on the SSH keys page was possibleEPSS 68.0%CVE-2023-34220MEDIUMIn JetBrains TeamCity before 2023.05 stored XSS in the Commit Status Publisher window was possibleEPSS 61.2%CVE-2023-34225MEDIUMIn JetBrains TeamCity before 2023.05 stored XSS in the NuGet feed page was possibleEPSS 60.7%CVE-2022-48343MEDIUMIn JetBrains TeamCity before 2022.10.2 there was an XSS vulnerability in the user creation process.EPSS 59.5%CVE-2024-23917CRITICALIn JetBrains TeamCity before 2023.11.3 authentication bypass leading to RCE was possibleEPSS 54.0%CVE-2023-41249MEDIUMIn JetBrains TeamCity before 2023.05.3 reflected XSS was possible during copying Build StepEPSS 53.1%CVE-2024-24942MEDIUMIn JetBrains TeamCity before 2023.11.3 path traversal allowed reading data within JAR archivesEPSS 32.0%CVE-2024-47949MEDIUMIn JetBrains TeamCity before 2024.07.3 path traversal allowed backup file write to arbitrary locationEPSS 22.9%CVE-2025-46618LOWIn JetBrains TeamCity before 2025.03.1 stored XSS was possible on Data Directory tabEPSS 20.2%CVE-2025-31140MEDIUMIn JetBrains TeamCity before 2025.03 stored XSS was possible on Cloud Profiles pageEPSS 16.9%CVE-2025-52877MEDIUMIn JetBrains TeamCity before 2025.03.3 reflected XSS on diskUsageBuildsStats page was possibleEPSS 13.6%CVE-2025-52876MEDIUMIn JetBrains TeamCity before 2025.03.3 reflected XSS on the favoriteIcon page was possibleEPSS 13.6%CVE-2025-59456MEDIUMIn JetBrains TeamCity before 2025.07.2 path traversal was possible during project archive uploadEPSS 12.1%CVE-2024-37051CRITICALGitHub access token could be exposed to third-party sites in JetBrains IDEs after version 2023.1 and less than: IntelliJ IDEA 2023.1.7, 2023EPSS 3.8%CVE-2025-68165MEDIUMIn JetBrains TeamCity before 2025.11 reflected XSS was possible on VCS Root setupEPSS 3.5%CVE-2025-24459MEDIUMIn JetBrains TeamCity before 2024.12.1 reflected XSS was possible on the Vault Connection pageEPSS 2.7%