This page contains information about resolved security issues, including description, severity, assigned CVEs, and the product versions in which they were resolved.

Product | Description | Severity | Resolved In | CWE | CVE |
---|---|---|---|---|---|
TeamCity | Several DOM-based XSS were possible on the Code Inspection Report tab (TW-87505) | Medium | 2024.12.2 | CWE-79 | CVE-2025-26493 |
TeamCity | Improper Kubernetes connection settings could expose sensitive resources (TW-91106) | High | 2024.12.2 | CWE-522 | CVE-2025-26492 |
TeamCity | Reflected XSS was possible on the Vault Connection page (TW-91124) | Medium | 2024.12.1 | CWE-79 | CVE-2025-24459 |
TeamCity | Improper access control allowed Projects’ names to be seen in the agent pool (TW-52375, TW-91367) | Medium | 2024.12.1 | CWE-863 | CVE-2025-24460 |
TeamCity | Decryption of connection secrets without proper permissions was possible via Test Connection endpoint (TW-91164) | Medium | 2024.12.1 | CWE-862 | CVE-2025-24461 |
TeamCity | Improper access control allowed viewing details of unauthorized agents (TW-85841) | Medium | 2024.12 | CWE-863 | CVE-2024-56348 |
TeamCity | Improper access control allowed unauthorized users to modify build logs (TW-90726) | Medium | 2024.12 | CWE-862 | CVE-2024-56349 |
TeamCity | Build credentials allowed unauthorized viewing of projects (TW-24904) | Medium | 2024.12 | CWE-863 | CVE-2024-56350 |
TeamCity | Access tokens were not revoked after removing user roles (TW-76910) | Medium | 2024.12 | CWE-613 | CVE-2024-56351 |
TeamCity | Stored XSS was possible via image name on the agent details page (TW-89485) | Medium | 2024.12 | CWE-79 | CVE-2024-56352 |
TeamCity | Backup file exposed user credentials and session cookies. Reported by Thomas Siegbert (TW-89719) | Medium | 2024.12 | CWE-212 | CVE-2024-56353 |
TeamCity | Password field values were accessible to users with view settings permission (TW-49870) | Medium | 2024.12 | CWE-522 | CVE-2024-56354 |
TeamCity | Missing Content-Type header in RemoteBuildLogController response could lead to XSS (TW-80940) | Medium | 2024.12 | CWE-79 | CVE-2024-56355 |
TeamCity | Insecure XMLParser configuration could lead to potential XXE attack (TW-86582) | Medium | 2024.12 | CWE-611 | CVE-2024-56356 |
TeamCity | Password could be exposed via Sonar runner REST API (TW-64557) | Medium | 2024.07.3 | CWE-522 | CVE-2024-47161 |
TeamCity | Path traversal leading to information disclosure was possible via server backups. Reported by Thomas Siegbert (TW-89721) | Medium | 2024.07.3 | CWE-23 | CVE-2024-47948 |
TeamCity | Path traversal allowed backup file write to arbitrary location. Reported by Thomas Siegbert (TW-89723) | Medium | 2024.07.3 | CWE-23 | CVE-2024-47949 |
TeamCity | Stored XSS was possible in Backup configuration settings. Reported by Thomas Siegbert (TW-89700) | Low | 2024.07.3 | CWE-79 | CVE-2024-47950 |
TeamCity | Stored XSS was possible via server global settings (TW-88983) | Low | 2024.07.3 | CWE-79 | CVE-2024-47951 |
TeamCity | Possible privilege escalation due to incorrect directory permissions. Reported by Crispr Xiang from TianShu Dubhe Team (TW-87656) | High | 2024.07.1 | CWE-276 | CVE-2024-43114 |
TeamCity | Multiple stored XSS were possible on the Clouds page (TW-85512) | Medium | 2024.07.1 | CWE-79 | CVE-2024-43807 |
TeamCity | Self XSS was possible in the HashiCorp Vault plugin (TW-84492) | Low | 2024.07.1 | CWE-79 | CVE-2024-43808 |
TeamCity | Reflected XSS was possible on the agentPushPreset page (TW-84016) | Low | 2024.07.1 | CWE-79 | CVE-2024-43809 |
TeamCity | Reflected XSS was possible in the AWS Core plugin (TW-86958) | Medium | 2024.07.1 | CWE-79 | CVE-2024-43810 |
TeamCity | Parameters of the "password" type could leak into the build log in some specific cases (TW-67957) | Medium | 2024.07 | CWE-532 | CVE-2024-41824 |
TeamCity | Stored XSS was possible on the Code Inspection tab (TW-83483) | Medium | 2024.07 | CWE-79 | CVE-2024-41825 |
TeamCity | Stored XSS was possible on Show Connection page (TW-86935) | Low | 2024.07 | CWE-79 | CVE-2024-41826 |
TeamCity | Access tokens could continue working after deletion or expiration (TW-76857) | High | 2024.07 | CWE-613 | CVE-2024-41827 |
TeamCity | Comparison of authorization tokens took non-constant time (TW-85815) | Low | 2024.07 | CWE-208 | CVE-2024-41828 |
TeamCity | An OAuth code for JetBrains Space could be stolen via Space Application connection (TW-84124) | Low | 2024.07 | CWE-303 | CVE-2024-41829 |
TeamCity | Private key could be exposed via testing GitHub App Connection (TW-88255) | Medium | 2024.03.3 | CWE-522 | CVE-2024-39878 |
TeamCity | Application token could be exposed in EC2 Cloud Profile settings (TW-88399) | Medium | 2024.03.3 | CWE-522 | CVE-2024-39879 |
TeamCity | Path traversal allowing files to be read from the server was possible (TW-87898) | Medium | 2022.04.7, 2022.10.6, 2023.05.6, 2023.11.5, 2024.03.2 | CWE-23 | CVE-2024-36362 |
TeamCity | Several Stored XSS in code inspection reports were possible (TW-83495) | Medium | 2022.04.7, 2022.10.6, 2023.05.6, 2023.11.5 | CWE-79 | CVE-2024-36363 |
TeamCity | Improper access control in Pull Requests and Commit status publisher build features was possible (TW-84931) | Medium | 2022.04.7, 2022.10.6, 2023.05.6, 2023.11.5 | CWE-863 | CVE-2024-36364 |
TeamCity | A third-party agent could impersonate a cloud agent (TW-87450) | Medium | 2022.04.7, 2022.10.6, 2023.05.6, 2023.11.5, 2024.03.2 | CWE-863 | CVE-2024-36365 |
TeamCity | An XSS could be executed via certain report grouping and filtering operations (TW-83893) | Medium | 2022.04.7, 2022.10.6, 2023.05.6, 2023.11.5 | CWE-79 | CVE-2024-36366 |
TeamCity | Stored XSS via third-party reports was possible (TW-83270) | Medium | 2022.04.7, 2022.10.6, 2023.05.6, 2023.11.5 | CWE-79 | CVE-2024-36367 |
TeamCity | Reflected XSS via OAuth provider configuration was possible (TW-83485) | Medium | 2022.04.7, 2022.10.6, 2023.05.6, 2023.11.5 | CWE-79 | CVE-2024-36368 |
TeamCity | Stored XSS via issue tracker integration was possible (TW-83149) | Medium | 2022.04.7, 2022.10.6, 2023.05.6, 2023.11.5 | CWE-79 | CVE-2024-36369 |
TeamCity | Stored XSS via OAuth connection settings was possible (TW-83658) | Medium | 2022.04.7, 2022.10.6, 2023.05.6, 2023.11.5 | CWE-79 | CVE-2024-36370 |
TeamCity | Stored XSS in Commit status publisher was possible (TW-84958) | Medium | 2023.05.6, 2023.11.5 | CWE-79 | CVE-2024-36371 |
TeamCity | Reflected XSS on the subscriptions page was possible (TW-83892) | Medium | 2023.05.6 | CWE-79 | CVE-2024-36372 |
TeamCity | Several stored XSS in untrusted builds settings were possible (TW-87421) | Medium | 2024.03.2 | CWE-79 | CVE-2024-36373 |
TeamCity | Stored XSS via build step settings was possible (TW-87381) | Medium | 2024.03.2 | CWE-79 | CVE-2024-36374 |
TeamCity | Technical information regarding TeamCity server could be exposed (TW-87468) | Medium | 2024.03.2 | CWE-209 | CVE-2024-36375 |
TeamCity | Users could perform actions that should not be available to them based on their permissions (TW-83710) | Medium | 2024.03.2 | CWE-863 | CVE-2024-36376 |
TeamCity | Certain TeamCity API endpoints did not check user permissions (TW-83647) | Medium | 2024.03.2 | CWE-863 | CVE-2024-36377 |
TeamCity | Server was susceptible to DoS attacks with incorrect auth tokens (TW-87071) | Medium | 2024.03.2 | CWE-770 | CVE-2024-36378 |
TeamCity | Authentication bypass was possible in specific edge cases even when the security patch plugin is installed (TW-86860) | High | 2022.04.7, 2022.10.6, 2023.05.6, 2023.11.5 | CWE-288 | CVE-2024-36470 |
TeamCity | Several Stored XSS in the available updates page were possible (TW-87050) | Low | 2024.03.1 | CWE-79 | CVE-2024-35300 |
TeamCity | Commit status publisher didn't check project scope of the GitHub App token (TW-86523) | Medium | 2024.03.1 | CWE-280 | CVE-2024-35301 |
TeamCity | Stored XSS during restore from backup was possible (TW-82309) | Medium | 2023.11 | CWE-79 | CVE-2024-35302 |
TeamCity | Authenticated users without administrative permissions could register other users when self-registration was disabled (TW-87046) | Medium | 2024.03 | CWE-863 | CVE-2024-31134 |
TeamCity | Open redirect was possible on the login page (TW-87062) | Medium | 2024.03 | CWE-601 | CVE-2024-31135 |
TeamCity | 2FA could be bypassed by providing a special URL parameter (TW-86989) | High | 2024.03 | CWE-1288 | CVE-2024-31136 |
TeamCity | Reflected XSS was possible via Space connection configuration. Reported by Linh Dinh (TW-86832) | Medium | 2024.03 | CWE-79 | CVE-2024-31137 |
TeamCity | XSS was possible via Agent Distribution settings. Reported by Alex Williams from Trend Micro (TW-86535) | Medium | 2024.03 | CWE-79 | CVE-2024-31138 |
TeamCity | XXE was possible in the Maven build steps detector (TW-86300) | Medium | 2024.03 | CWE-611 | CVE-2024-31139 |
TeamCity | Server administrators could remove arbitrary files from the server by installing tools (TW-86039) | Medium | 2024.03 | CWE-1288 | CVE-2024-31140 |
TeamCity | Users with access to the agent machine might obtain permissions of the user running the agent process (TW-83048) | Medium | 2023.11 | CWE-749 | CVE-2024-29880 |
TeamCity | Custom build parameters of the "password" type could be disclosed (TW-86403) | Medium | 2023.11.4 | CWE-201 | CVE-2024-28173 |
TeamCity | Presigned URL generation requests in S3 Artifact Storage plugin were authorized improperly (TW-85562) | Medium | 2023.11.4 | CWE-863 | CVE-2024-28174 |
TeamCity | Authentication bypass allowing admin actions to be performed was possible. Reported by Rapid7 team (TW-86500) | Critical | 2023.11.4 | CWE-288 | CVE-2024-27198 |
TeamCity | Path traversal allowing limited admin actions to be performed was possible. Reported by Rapid7 team (TW-86502) | High | 2023.11.4 | CWE-23 | CVE-2024-27199 |
TeamCity | Path traversal allowed reading data within JAR archives. Reported by Sndav Bai and Crispr Xiang from TianShu Dubhe Team (TW-86017) | Medium | 2023.11.3 | CWE-23 | CVE-2024-24942 |
TeamCity | Authentication bypass leading to RCE was possible. Reported by Sndav Bai and Crispr Xiang from TianShu Dubhe Team (TW-86005) | Critical | 2023.11.3 | CWE-288 | CVE-2024-23917 |
TeamCity | Access control at the S3 Artifact Storage plugin endpoint was missing (TW-85499) | Medium | 2023.11.2 | CWE-285 | CVE-2024-24936 |
TeamCity | Stored XSS via agent distribution was possible (TW-85880) | Medium | 2023.11.2 | CWE-79 | CVE-2024-24937 |
TeamCity | Limited directory traversal was possible in the Kotlin DSL documentation (TW-85585) | Medium | 2023.11.2 | CWE-23 | CVE-2024-24938 |
TeamCity | A CSRF on login was possible (TW-84796) | Medium | 2023.11.1 | CWE-352 | CVE-2023-50870 |
TeamCity | Authentication bypass leading to RCE on TeamCity Server was possible. Reported by Stefan Schiller from Sonar (TW-83545) | Critical | 2023.05.4 | CWE-288 | CVE-2023-42793 |
TeamCity | Stored XSS was possible during nodes configuration (TW-83216) | Low | 2023.05.4 | CWE-79 | CVE-2023-43566 |
TeamCity | Stored XSS was possible during Cloud Profiles configuration (TW-82867, TW-82475) | Medium | 2023.05.3 | CWE-79 | CVE-2023-41248 |
TeamCity | Reflected XSS was possible during copying Build Step (TW-82869) | Medium | 2023.05.3 | CWE-79 | CVE-2023-41249 |
TeamCity | Reflected XSS was possible during user registration (TW-82876) | Low | 2023.05.3 | CWE-79 | CVE-2023-41250 |
TeamCity | A token with limited permissions could be used to gain full account access (TW-82485) | Medium | 2023.05.2 | CWE-266 | CVE-2023-39173 |
TeamCity | A ReDoS attack was possible via integration with issue trackers (TW-82283) | Medium | 2023.05.2 | CWE-1333 | CVE-2023-39174 |
TeamCity | Reflected XSS via GitHub integration was possible (TW-82472) | Medium | 2023.05.2 | CWE-79 | CVE-2023-39175 |
TeamCity | Stored XSS when using a custom theme was possible (TW-82270) | Medium | 2023.05.1 | CWE-79 | CVE-2023-38061 |
TeamCity | Parameters of the "password" type could be shown in the UI in certain composite build configurations (TW-82022) | Medium | 2023.05.1 | CWE-200 | CVE-2023-38062 |
TeamCity | Stored XSS while running custom builds was possible (TW-81723) | Medium | 2023.05.1 | CWE-79 | CVE-2023-38063 |
TeamCity | Build chain parameters of the "password" type could be written to the agent log (TW-81846) | Medium | 2023.05.1 | CWE-532 | CVE-2023-38064 |
TeamCity | Stored XSS while viewing the build log was possible (TW-81777) | Medium | 2023.05.1 | CWE-79 | CVE-2023-38065 |
TeamCity | Reflected XSS via the Referer header was possible during artifact downloads (TW-80993) | Medium | 2023.05.1 | CWE-79 | CVE-2023-38066 |
TeamCity | Build parameters of the "password" type could be written to the agent log (TW-80002) | Medium | 2023.05.1 | CWE-532 | CVE-2023-38067 |
TeamCity | Bypass of permission checks allowing admin actions to be performed was possible. Reported by Isaac Peka (TW-81566) | Critical | 2023.05, 2022.10.4 | CWE-863 | CVE-2023-34218 |
TeamCity | Improper permission checks allowed users without appropriate permissions to edit Build Configuration settings via REST API. Reported by Olof Lindberg (TW-80538) | Medium | 2023.05, 2022.10.4 | CWE-285 | CVE-2023-34219 |
TeamCity | Stored XSS in the Commit Status Publisher window was possible (TW-80262) | Medium | 2023.05, 2022.10.4 | CWE-79 | CVE-2023-34220 |
TeamCity | Stored XSS in the Show Connection page was possible (TW-81182) | Medium | 2023.05 | CWE-79 | CVE-2023-34221 |
TeamCity | XSS in the Plugin Vendor URL was possible (TW-80378) | Medium | 2023.05 | CWE-79 | CVE-2023-34222 |
TeamCity | Parameters of the "password" type from build dependencies could be logged in some cases (TW-81338) | Medium | 2023.05 | CWE-532 | CVE-2023-34223 |
TeamCity | Open redirect during OAuth configuration was possible (TW-79888) | Medium | 2023.05 | CWE-601 | CVE-2023-34224 |
TeamCity | Stored XSS in the NuGet feed page was possible (TW-81031) | Medium | 2023.05 | CWE-79 | CVE-2023-34225 |
TeamCity | Reflected XSS in the Subscriptions page was possible (TW-80881) | Medium | 2023.05 | CWE-79 | CVE-2023-34226 |
TeamCity | A specific endpoint was vulnerable to brute force attacks (TW-80842) | Medium | 2023.05, 2022.10.4 | CWE-749 | CVE-2023-34227 |
TeamCity | Authentication checks were missing – 2FA was not checked for some sensitive account actions (TW-73544) | Medium | 2023.05 | CWE-308 | CVE-2023-34228 |
TeamCity | Stored XSS in GitLab Connection page was possible (TW-80174) | Medium | 2023.05, 2022.10.4 | CWE-79 | CVE-2023-34229 |
TeamCity | Stored XSS in Perforce connection settings was possible (TW-79891) | Medium | 2022.10.3 | CWE-79 | CVE-2022-48426 |
TeamCity | Stored XSS on “Pending changes” and “Changes” tabs was possible (TW-80199) | Medium | 2022.10.3 | CWE-79 | CVE-2022-48427 |
TeamCity | Stored XSS on the SSH keys page was possible (TW-80097) | Medium | 2022.10.3 | CWE-79 | CVE-2022-48428 |
TeamCity | JVMTI was enabled by default on agents. Reported by Hj Chai (TW-78552) | Medium | 2022.10.2 | CWE-1188 | CVE-2022-48342 |
TeamCity | There was an XSS vulnerability in the user creation process (TW-78783) | Medium | 2022.10.2 | CWE-79 | CVE-2022-48343 |
TeamCity | There was an XSS vulnerability in the group creation process (TW-78786) | Medium | 2022.10.2 | CWE-79 | CVE-2022-48344 |
TeamCity | A custom STS endpoint allowed internal port scanning (TW-78415) | Medium | 2022.10.1 | CWE-918 | CVE-2022-46830 |
TeamCity | Connecting to AWS using the "Default Credential Provider Chain" allowed TeamCity project administrators to access AWS resources normally limited to TeamCity system administrators (TW-78416) | Medium | 2022.10.1 | CWE-453 | CVE-2022-46831 |
TeamCity | Excessive access permissions for secure token health items (TW-73518) | Low | 2022.10 | CWE-284 | CVE-2022-44622 |
TeamCity | Project Viewer could see scrambled secure values in the MetaRunner settings (TW-76796) | Medium | 2022.10 | CWE-538 | CVE-2022-44623 |
TeamCity | Password parameters could be exposed in the build log if they contained special characters (TW-77048) | Medium | 2022.10 | CWE-532 | CVE-2022-44624 |
TeamCity | No audit items were added upon editing a user's settings (TW-75537) | Low | 2022.10 | CWE-223 | CVE-2022-44646 |
TeamCity | Environment variables of "password" type could be logged when using custom Perforce executable. Reported by Pierre Hosteins and Yvan Serykh (TW-77474) | Medium | 2022.04.4 | CWE-532 | CVE-2022-40979 |
TeamCity | The private SSH key could be written to the server log in some cases (TW-76758) | Low | 2022.04.3 | CWE-532 | CVE-2022-38133 |
TeamCity | The private SSH key could be written to the build log in some cases (TW-76651) | Medium | 2022.04.2 | CWE-532 | CVE-2022-36321 |
TeamCity | Build parameter injection was possible. Reported by Micky Sung (TW-76356) | Medium | 2022.04.2 | CWE-88 | CVE-2022-36322 |
TeamCity | Reflected XSS on the Build Chain Status page (TW-75231) | Medium | 2022.04 | CWE-79 | CVE-2022-29927 |
TeamCity | Possible leak of secrets in TeamCity agent logs (TW-74263, TW-68807) | Medium | 2022.04 | CWE-532 | CVE-2022-29928 |
TeamCity | Potential XSS via Referrer header (TW-75605) | Low | 2022.04 | CWE-79 | CVE-2022-29929 |
TeamCity | Reflected XSS (TW-74044) | Medium | 2021.2.2 | CWE-79 | CVE-2022-25261 |
TeamCity | OS command injection in the Agent Push feature configuration. Reported by Cristian Chavez (TW-74822) | High | 2021.2.3 | CWE-78 | CVE-2022-25263 |
TeamCity | Environment variables of "password" type could be logged in some cases (TW-74625) | Medium | 2021.2.3 | CWE-532 | CVE-2022-25264 |
TeamCity | A redirect to an external site was possible (TW-71113) | Low | 2021.2.1 | CWE-601 | CVE-2022-24330 |
TeamCity | Logout failed to remove the "Remember Me" cookie (TW-72969) | Low | 2021.2 | CWE-613 | CVE-2022-24332 |
TeamCity | GitLab authentication impersonation. Reported by Christian Pedersen (TW-73375) | High | 2021.1.4 | CWE-285 | CVE-2022-24331 |
TeamCity | The "Agent push" feature allowed any private key on the server to be selected (TW-73399) | Low | 2021.2.1 | CWE-284 | CVE-2022-24334 |
TeamCity | Blind SSRF via an XML-RPC call. Reported by Artem Godin (TW-73465) | Medium | 2021.2 | CWE-918 | CVE-2022-24333 |
TeamCity | Time-of-check/Time-of-use (TOCTOU) vulnerability in agent registration via XML-RPC. Reported by Artem Godin (TW-73468) | High | 2021.2 | CWE-367 | CVE-2022-24335 |
TeamCity | An unauthenticated attacker could cancel running builds via an XML-RPC request to the TeamCity server. Reported by Artem Godin (TW-73469) | Medium | 2021.2.1 | CWE-284 | CVE-2022-24336 |
TeamCity | Pull-requests' health items were shown to users without appropriate permissions (TW-73516) | Low | 2021.2 | CWE-284 | CVE-2022-24337 |
TeamCity | Stored XSS. Reported by Yurii Sanin (TW-73737) | Medium | 2021.2.1 | CWE-79 | CVE-2022-24339 |
TeamCity | URL injection leading to CSRF. Reported by Yurii Sanin (TW-73859) | Medium | 2021.2.1 | CWE-352 | CVE-2022-24342 |
TeamCity | Changing a password failed to terminate sessions of the edited user (TW-73888) | Low | 2021.2.1 | CWE-613 | CVE-2022-24341 |
TeamCity | XXE during the parsing of a configuration file (TW-73932) | Medium | 2021.2.1 | CWE-611 | CVE-2022-24340 |
TeamCity | Reflected XSS (TW-74043) | Medium | 2021.2.1 | CWE-79 | CVE-2022-24338 |
TeamCity | User enumeration was possible (TW-70167) | Low | 2021.1.2 | CWE-200 | CVE-2021-43194 |
TeamCity | RCE in agent push functionality. Reported by Eduardo Castellanos (TW-70384) | High | 2021.1.2 | CWE-78 | CVE-2021-43193 |
TeamCity | Information disclosure via Docker Registry connection dialog (TW-70459) | Medium | 2021.1 | CWE-200 | CVE-2021-43196 |
TeamCity | Some HTTP security headers were missing (TW-71376) | Low | 2021.1.2 | CWE-693 | CVE-2021-43195 |
TeamCity | Email notifications could include unescaped HTML (TW-71981) | Low | 2021.1.2 | CWE-116 | CVE-2021-43197 |
TeamCity | Insufficient permissions checks in create patch functionality (TW-71982) | Low | 2021.1.2 | CWE-285 | CVE-2021-43199 |
TeamCity | Stored XSS (TW-72007) | Low | 2021.1.2 | CWE-79 | CVE-2021-43198 |
TeamCity | Insufficient permissions checks in agent push functionality (TW-72177) | Low | 2021.1.2 | CWE-285 | CVE-2021-43200 |
TeamCity | X-Frame-Options header was missing in some cases (TW-72464) | Low | 2021.1.3 | CWE-693 | CVE-2021-43202 |
TeamCity | A newly created project could take settings from an already deleted project (TW-72521) | Medium | 2021.1.3 | CWE-459 | CVE-2021-43201 |
TeamCity | Potential XSS (TW-61688) | High | 2020.2.3 | CWE-79 | CVE-2021-37542 |
TeamCity | Insecure deserialization (TW-70057, TW-70080) | High | 2020.2.4 | CWE-502 | CVE-2021-37544 |
TeamCity | Insufficient authentication checks for agent requests (TW-70166) | High | 2021.1.1 | CWE-287 | CVE-2021-37545 |
TeamCity | Insecure key generation for encrypted properties (TW-70201) | Low | 2021.1 | CWE-335 | CVE-2021-37546 |
TeamCity | Insufficient checks during file uploading (TW-70546) | Medium | 2020.2.4 | CWE-434 | CVE-2021-37547 |
TeamCity | Passwords in plain text sometimes could be stored in VCS (TW-71008) | Medium | 2021.1 | CWE-540 | CVE-2021-37548 |
TeamCity | Potential XSS on the test history page (TW-67710) | Medium | 2020.2.2 | CWE-79 | CVE-2021-31904 |
TeamCity | TeamCity IntelliJ Plugin DOS. Reported by Jonathan Leitschuh (TW-69070) | Low | 2020.2.2 | CWE-770 | CVE-2021-26310 |
TeamCity | Local information disclosure via temporary file in TeamCity IntelliJ Plugin. Reported by Jonathan Leitschuh (TW-69420) | Low | 2020.2.2 | CWE-378 | CVE-2021-26309 |
TeamCity | Insufficient audit when an administrator uploads a file (TW-69511) | Low | 2020.2.2 | CWE-778 | CVE-2021-31906 |
TeamCity | Improper permission checks for changing TeamCity plugins (TW-69521) | Low | 2020.2.2 | CWE-732 | CVE-2021-31907 |
TeamCity | Potential XSS on the test page. Reported by Stephen Patches (TW-69737) | Low | 2020.2.2 | CWE-79 | CVE-2021-3315 |
TeamCity | Argument Injection leading to RCE (TW-70054) | High | 2020.2.3 | CWE-78 | CVE-2021-31909 |
TeamCity | Stored XSS on several pages (TW-70078, TW-70348) | Medium | 2020.2.3 | CWE-79 | CVE-2021-31908 |
TeamCity | Information disclosure via SSRF (TW-70079) | High | 2020.2.3 | CWE-918 | CVE-2021-31910 |
TeamCity | Reflected XSS on several pages (TW-70093, TW-70094, TW-70095, TW-70096, TW-70137) | Medium | 2020.2.3 | CWE-79 | CVE-2021-31911 |
TeamCity | Potential account takeover during password reset (TW-70303) | Medium | 2020.2.3 | CWE-640 | CVE-2021-31912 |
TeamCity | Insufficient checks of the redirect_uri during GitHub SSO token exchange (TW-70358) | Low | 2020.2.3 | CWE-601 | CVE-2021-31913 |
TeamCity | Arbitrary code execution on TeamCity Server running on Windows. Reported by Chris Moore (TW-70512) | High | 2020.2.4 | CWE-829 | CVE-2021-31914 |
TeamCity | Command injection leading to RCE. Reported by Chris Moore (TW-70541) | High | 2020.2.4 | CWE-78 | CVE-2021-31915 |
TeamCity | Reflected XSS on several pages (TW-67424, TW-68098) | Medium | 2020.2 | Not applicable | CVE-2021-25773 |
TeamCity | TeamCity server DoS was possible via server integration (TW-68406, TW-68780) | Low | 2020.2.2 | Not applicable | CVE-2021-25772 |
TeamCity | ECR token exposure in the build's parameters (TW-68515) | Medium | 2020.2 | Not applicable | CVE-2021-25776 |
TeamCity | User could get access to GitHub access token of another user (TW-68646) | Low | 2020.2.1 | Not applicable | CVE-2021-25774 |
TeamCity | Server admin could create and see access tokens for any other users (TW-68862) | Low | 2020.2.1 | Not applicable | CVE-2021-25775 |
TeamCity | Improper permissions checks during user deletion (TW-68864) | Low | 2020.2.1 | Not applicable | CVE-2021-25778 |
TeamCity | Improper permissions checks during tokens removal (TW-68871) | Low | 2020.2.1 | Not applicable | CVE-2021-25777 |
TeamCity | TeamCity Plugin SSRF. Vulnerability that could potentially expose user credentials. Reported by Jonathan Leitschuh (TW-69068) | High | 2020.2.85695 | Not applicable | CVE-2020-35667 |
TeamCity | URL injection was possible (TW-44171) | Low | 2020.1.2 | Not applicable | CVE-2020-27627 |
TeamCity | Guest user had access to audit records (TW-67750) | Medium | 2020.1.5 | Not applicable | CVE-2020-27628 |
TeamCity | Secure dependency parameters could be left unmasked in depending builds when there are no internal artifacts (TW-67775) | High | 2020.1.5 | Not applicable | CVE-2020-27629 |
TeamCity | Users were able to assign more permissions than they had. (TW-36158) | Low | 2020.1 | Not applicable | CVE-2020-15826 |
TeamCity | Users with "Modify group" permission can elevate other users' privileges. (TW-58858) | Medium | 2020.1 | Not applicable | CVE-2020-15825 |
TeamCity | Password parameters could be disclosed via build logs. (TW-64484) | Low | 2019.2.3 | Not applicable | CVE-2020-15829 |
TeamCity | Project parameter values could be retrieved by a user without appropriate permissions. (TW-64587) | High | 2020.1.1 | Not applicable | CVE-2020-15828 |
TeamCity | Reflected XSS on administration UI. (TW-64668) | High | 2019.2.3 | Not applicable | CVE-2020-15831 |
TeamCity | Stored XSS on administration UI. (TW-64699) | High | 2019.2.3 | Not applicable | CVE-2020-15830 |
TeamCity | Password values were shown unmasked on several pages (TW-64186) | Low | 2019.2.2 | Not applicable | CVE-2020-11687 |
TeamCity | Project administrator was able to see scrambled password parameters used in a project (TW-58099) | Medium | 2019.2.2 | Not applicable | CVE-2020-11938 |
TeamCity | Project administrator was able to retrieve some TeamCity server settings (TW-61626) | Low | 2019.1.4 | Not applicable | CVE-2020-11686 |
TeamCity | Application state was kept alive after a user ended their session (TW-61824) | Low | 2019.2.1 | Not applicable | CVE-2020-11688 |
TeamCity | A user without appropriate permissions was able to import settings from settings.kts (TW-63698) | Low | 2019.2.1 | Not applicable | CVE-2020-11689 |
TeamCity | Reverse Tabnabbing is possible on several pages. (TW-61710, TW-61726, TW-61727) | Low | 2019.1.5 | Not applicable | CVE-2020-7908 |
TeamCity | Some server-stored passwords can be shown via web UI. (TW-62674) | High | 2019.1.5 | Not applicable | CVE-2020-7909 |
TeamCity | Possible stored XSS attack by a user with a developer role. (TW-63298) | Medium | 2019.2 | Not applicable | CVE-2020-7910 |
TeamCity | Stored XSS on user-level pages. (TW-63160) | High | 2019.2 | Not applicable | CVE-2020-7911 |
TeamCity | Access could be gained to the history of builds of a deleted build configuration under some circumstances. TW-60957 | Medium | 2019.1.2 | Not applicable | CVE-2019-18363 |
TeamCity | Insecure Java Deserialization could potentially allow RCE. TW-61928 reported by Aleksei "GreenDog" Tiurin. | Medium | 2019.1.4 | Not applicable | CVE-2019-18364 |
TeamCity | Reverse tabnabbing was possible on several pages. TW-61323, TW-61725, TW-61726, TW-61646, TW-62123 | Low | 2019.1.4 | Not applicable | CVE-2019-18365 |
TeamCity | Secure values could be exposed to users with the ‘View build runtime parameters and data’ permission. | Low | 2019.1.2 | Not applicable | CVE-2019-18366 |
TeamCity | A non-destructive operation could be performed by a user without the corresponding permissions. TW-61107 | Low | 2019.1.2 | Not applicable | CVE-2019-18367 |
TeamCity | Previously used unencrypted passwords were suggested by a web browser’s auto-completion. TW-59759 | Low | 2019.1 | CWE-200 | Not applicable |
TeamCity | VMware plugin did not check SSL certificate. TW-59562 | Medium | 2019.1 | Not applicable | CVE-2019-15042 |
TeamCity | Remote Code Execution on the server with certain network configurations. TW-60430 | Medium | 2019.1 | Not applicable | CVE-2019-15039 |
TeamCity | Project administrator could get unauthorized access to server-level data. TW-60220 | High | 2019.1 | Not applicable | CVE-2019-15035 |
TeamCity | Project administrator could execute any command on the server machine. TW-60219 | High | 2019.1 | Not applicable | CVE-2019-15036 |
TeamCity | Security has been tightened thanks to using additional HTTP headers. TW-59034 | High | 2019.1 | Not applicable | CVE-2019-15038 |
TeamCity | Possible XSS vulnerabilities on the settings pages. TW-59870, TW-59852, TW-59817, TW-59838, TW-59816 | High | 2019.1 | Not applicable | CVE-2019-15037 |
TeamCity | XSS vulnerability. TW-61242, TW-61315 | High | 2019.1.2 | Not applicable | CVE-2019-15848 |
TeamCity | A possible stored JavaScript injection was detected. TW-59419 | Medium | 2018.2.3 | Not applicable | CVE-2019-12844 |
TeamCity | The generated Kotlin DSL settings allowed usage of an unencrypted connection for resolving artifacts. TW-59379 | Medium | 2018.2.3 | Not applicable | CVE-2019-12845 |
TeamCity | A possible stored JavaScript injection requiring a deliberate server administrator action was detected. TW-55640 | Medium | 2018.2.3 | Not applicable | CVE-2019-12843 |
TeamCity | Incorrect handling of user input in ZIP extraction. TW-57143 | Medium | 2018.2.2 | Not applicable | CVE-2019-12841 |
TeamCity | A reflected XSS on a user page was detected. TW-58661 | Medium | 2018.2.2 | Not applicable | CVE-2019-12842 |
TeamCity | A user without the required permissions could gain access to some settings. TW-58571 | Medium | 2018.2.2 | Not applicable | CVE-2019-12846 |
TeamCity | Reflected XSS on user-level pages. TW-58065, TW-58234 | High | 2018.2 | Not applicable | Not applicable |
TeamCity | Stored XSS on the build details page. TW-58129, TW-58138 | High | 2018.2 | Not applicable | Not applicable |
TeamCity | Exposure of sensitive parameter value to a privileged user was possible. TW-56946 | Medium | 2018.1.3 | Not applicable | Not applicable |
TeamCity | CSRF vulnerability. TW-55992 | Medium | 2018.1.1 | Not applicable | Not applicable |
TeamCity | Change of project settings can corrupt settings of other projects. TW-55704 | Low | 2018.1.1 | Not applicable | Not applicable |
TeamCity | Possible privilege escalation while viewing agent details. TW-56025 | Medium | 2018.1.1 | Not applicable | Not applicable |
TeamCity | Possible unvalidated redirect. TW-56085 | Medium | 2018.1.2 | Not applicable | Not applicable |
TeamCity | Reflected XSS vulnerabilities. TW-56490, TW-56375, TW-56374 | Medium | 2018.1.2 | Not applicable | Not applicable |
TeamCity | Stored XSS vulnerabilities. TW-56830, TW-56719 | Medium | 2018.1.3 | Not applicable | Not applicable |
TeamCity | Stored XSS vulnerabilities. TW-55214, TW-56126, TW-56127, TW-56452, TW-56571 | Medium | 2018.1.2 | Not applicable | Not applicable |
TeamCity | Possible privilege escalation to server administrator. TW-55209 | High | 2018.1 | Not applicable | Not applicable |
TeamCity | CSRF attack vulnerability. TW-55210 | High | 2018.1 | Not applicable | Not applicable |
TeamCity | Possible privilege escalation from project administrator to server administrator. TW-55211, TW-55684 | High | 2018.1 | Not applicable | Not applicable |
TeamCity | Possible unauthorized removal of installation data by project administrator. TW-54876 | High | 2018.1 | Not applicable | Not applicable |
TeamCity | Network access to an agent allowed potential unauthorized control over the agent. TW-49335 | Medium | 2018.1 | Not applicable | Not applicable |
TeamCity | In a very specific scenario, an attacker could steal web responses meant for other users. TW-54486 | Medium | 2018.1 | Not applicable | Not applicable |
TeamCity | Stored XSS vulnerabilities on various pages. TW-27206, TW-54129, TW-55453, TW-55215, TW-55217, TW-55353 | Medium | 2018.1 | Not applicable | Not applicable |
TeamCity | Project viewer could delete non-critical project settings. TW-55261 | Medium | 2018.1 | Not applicable | Not applicable |
TeamCity | Network access to a server allowed potential read access to project settings. TW-54870 | Medium | 2018.1 | Not applicable | Not applicable |
TeamCity | Project viewer could affect details of some running builds. TW-54975 | Medium | 2018.1 | Not applicable | Not applicable |
TeamCity | Reflected XSS vulnerabilities on various pages. TW-55212, TW-55213 | Medium | 2018.1 | Not applicable | Not applicable |
TeamCity | User self-registration might have been enabled by default on a new server installation. TW-54741 | Medium | 2017.2.4, 2018.1 | Not applicable | Not applicable |
TeamCity | Possible vulnerability to ClickJacking attack from TeamCity UI. TW-33819 | Medium | 2017.2.4, 2018.1 | Not applicable | Not applicable |
TeamCity | Project viewer could bypass the "View build runtime parameters and data" permission. TW-55502 | Low | 2018.1 | Not applicable | Not applicable |
TeamCity | Network access to a server exposed a vulnerability to DoS attacks. TW-11984 | Low | 2018.1 | Not applicable | Not applicable |
TeamCity | Potential to pass authorization cookies without secure flags. TW-55141 | Low | 2018.1 | Not applicable | Not applicable |
TeamCity | VCS preview allowed XSS attack (TW-54027) | Medium | 2017.2.3 | Not applicable | Not applicable |
TeamCity | Data Directory preview allowed XSS attack (TW-54021) | Low | 2017.2.3 | Not applicable | Not applicable |
TeamCity | VMware plugin settings allowed XSS attack (TW-53984) | High | 2017.2.3 | Not applicable | Not applicable |
TeamCity | VCS settings allowed XSS attack (TW-53943, TW-53978) | High | 2017.2.3 | Not applicable | Not applicable |
TeamCity | Authentication bypass was possible with certain Windows server configuration (TW-53507) | Medium | 2017.2.2 | Not applicable | Not applicable |
TeamCity | Project administrator could run arbitrary code (TW-50054) | High | 2017.2.2 | Not applicable | Not applicable |
TeamCity | Build fields allowed XSS attack (TW-53466) | Medium | 2017.2.2 | Not applicable | Not applicable |
TeamCity | Multiple XSS vulnerabilities (reported by Viktor Gazdag of NCC Group) (TW-53442) | High | 2017.2.2 | Not applicable | Not applicable |