CVE-2024-36370

In JetBrains TeamCity before 2022.04.7, 2022.10.6, 2023.05.6, 2023.11.5 stored XSS via OAuth connection settings was possible
Configurations

No configuration.

History

21 Nov 2024, 09:22

Type Values Removed Values Added
References () https://www.jetbrains.com/privacy-security/issues-fixed/ - () https://www.jetbrains.com/privacy-security/issues-fixed/ -

31 May 2024, 14:15

Type Values Removed Values Added
Summary
  • (es) En JetBrains TeamCity antes de 2022.04.6, 2022.10.5, 2023.05.5, 2023.11.5 era posible XSS almacenado a través de la configuración de conexión OAuth
Summary (en) In JetBrains TeamCity before 2022.04.6, 2022.10.5, 2023.05.5, 2023.11.5 stored XSS via OAuth connection settings was possible (en) In JetBrains TeamCity before 2022.04.7, 2022.10.6, 2023.05.6, 2023.11.5 stored XSS via OAuth connection settings was possible

29 May 2024, 14:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-05-29 14:15

Updated : 2024-11-21 09:22


NVD link : CVE-2024-36370

Mitre link : CVE-2024-36370

CVE.ORG link : CVE-2024-36370


JSON object : View

Products Affected

No product.

CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')