vulnerability
JetBrains TeamCity: CVE-2024-36368: Reflected XSS via OAuth provider configuration was possible (TW-83485)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 5 | (AV:N/AC:M/Au:S/C:P/I:P/A:N) | May 29, 2024 | Oct 15, 2024 | Sep 4, 2025 |
Severity
5
CVSS
(AV:N/AC:M/Au:S/C:P/I:P/A:N)
Published
May 29, 2024
Added
Oct 15, 2024
Modified
Sep 4, 2025
Description
In JetBrains TeamCity before 2022.04.7, 2022.10.6, 2023.05.6, 2023.11.5 reflected XSS via OAuth provider configuration was possible
Solution
jetbrains-teamcity-upgrade-latest
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.