For providers

In JetBrains TeamCity before 2024.12 improper access control allowed viewing details of unauthorized agents

In JetBrains TeamCity before 2024.12 improper access control allowed unauthorized users to modify build logs

In JetBrains TeamCity before 2024.12 build credentials allowed unauthorized viewing of projects

In JetBrains TeamCity before 2024.12 access tokens were not revoked after removing user roles

In JetBrains TeamCity before 2024.12 stored XSS was possible via image name on the agent details page

In JetBrains TeamCity before 2024.12 backup file exposed user credentials and session cookies

In JetBrains TeamCity before 2024.12 password field value were accessible to users with view settings permission

In JetBrains TeamCity before 2024.12 missing Content-Type header in RemoteBuildLogController response could lead to XSS

In JetBrains TeamCity before 2024.12 insecure XMLParser configuration could lead to potential XXE attack

Ticket management system in DirectAdmin Evolution Skin is vulnerable to XSS (Cross-site Scripting), which allows a low-privileged user to inject and store malicious JavaScript code. If an admin...