Fixed security issues

This page contains information about resolved security issues, including description, severity, assigned CVEs, and the product versions in which they were resolved.

ProductDescriptionSeverityResolved InCWECVE
TeamCityA token with limited permissions could be used to gain full account access (TW-82485)Medium2023.05.2CWE-266CVE-2023-39173
TeamCityA ReDoS attack was possible via integration with issue trackers (TW-82283)Medium2023.05.2CWE-1333CVE-2023-39174
TeamCityReflected XSS via GitHub integration was possible (TW-82472)Medium2023.05.2CWE-79CVE-2023-39175
Product
TeamCity
Fix version
2023.05.2