Exposição de TeamCity
CI43
score de exposição
1
sites usam
3
em exploração
4
críticos
CVEs
176 resultadosCVE-2026-44413HIGHIn JetBrains TeamCity before 2026.1
2025.11.5 authenticated users could expose server API to unauthorised accessEPSS 0.3%CVE-2024-36371MEDIUMIn JetBrains TeamCity before 2023.05.6, 2023.11.5 stored XSS in Commit status publisher was possibleEPSS 0.3%CVE-2026-49371HIGHIn JetBrains TeamCity before 2026.1.1 reflected XSS in the keyword filter was possibleEPSS 0.3%CVE-2026-49379MEDIUMIn JetBrains TeamCity before 2026.1 credentials could be exposed in thread namesEPSS 0.2%CVE-2024-43808LOWIn JetBrains TeamCity before 2024.07.1 self XSS was possible in the HashiCorp Vault pluginEPSS 0.2%CVE-2025-54538MEDIUMIn JetBrains TeamCity before 2025.07 password exposure was possible via command line in the "hg pull" commandEPSS 0.2%CVE-2025-54537MEDIUMIn JetBrains TeamCity before 2025.07 user credentials were stored in plain text in memory snapshotsEPSS 0.2%CVE-2024-29880MEDIUMIn JetBrains TeamCity before 2023.11 users with access to the agent machine might obtain permissions of the user running the agent processEPSS 0.2%CVE-2024-56356MEDIUMIn JetBrains TeamCity before 2024.12 insecure XMLParser configuration could lead to potential XXE attackEPSS 0.2%CVE-2026-49374HIGHIn JetBrains TeamCity before 2026.1 improper permission checks exposed build configuration parametersEPSS 0.2%CVE-2026-49375MEDIUMIn JetBrains TeamCity before 2026.1,
2025.11.5 reflected XSS was possible on the repository download pageEPSS 0.2%CVE-2026-49378MEDIUMIn JetBrains TeamCity before 2026.1 credentials parameters were exposed via parameter autocompletionEPSS 0.2%CVE-2026-49376MEDIUMIn JetBrains TeamCity before 2026.1 insufficient username validation in the SAML pluginEPSS 0.2%CVE-2026-49381LOWIn JetBrains TeamCity before 2026.1 stored XSS on the SAML login page was possibleEPSS 0.2%CVE-2025-54532MEDIUMIn JetBrains TeamCity before 2025.07 improper access control allowed disclosure of build settings via snapshot dependenciesEPSS 0.2%CVE-2025-54533MEDIUMIn JetBrains TeamCity before 2025.07 improper access control allowed disclosure of build settings via VCS configurationEPSS 0.2%CVE-2025-68164LOWIn JetBrains TeamCity before 2025.11 port enumeration was possible via the Perforce connection testEPSS 0.2%CVE-2025-47854MEDIUMIn JetBrains TeamCity before 2025.03.2 open redirect was possible on editing VCS Root pageEPSS 0.2%CVE-2025-67740LOWIn JetBrains TeamCity before 2025.11 improper access control could expose GitHub App token's metadataEPSS 0.2%CVE-2025-68162LOWIn JetBrains TeamCity before 2025.11 maven embedder allowed loading extensions via project configurationEPSS 0.2%
Quer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →