Reflected XSS Vulnerability in JetBrains TeamCity Software
CVE-2023-41250

3.5LOW

Key Information:

Vendor

Jetbrains

Status
Vendor
CVE Published:
25 August 2023

What is CVE-2023-41250?

A reflected XSS vulnerability exists in JetBrains TeamCity before version 2023.05.3, allowing attackers to execute arbitrary scripts in the context of users registering on the platform. This vulnerability can lead to unauthorized actions and data theft if exploited, underscoring the importance of keeping software up to date to mitigate security risks.

Affected Version(s)

TeamCity 0 < 2023.05.3

References

CVSS V3.1

Score:
3.5
Severity:
LOW
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
High
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.