Maven build steps detector vulnerability
CVE-2024-31139
8.1HIGH
Summary
A cross-site scripting vulnerability exists in JetBrains TeamCity before version 2024.03, specifically affecting the Maven build steps detector. This flaw can be exploited to inject malicious scripts, potentially allowing attackers to compromise web interfaces and hijack user sessions. Organizations utilizing affected versions should prioritize remediation to safeguard their development environments and maintain code integrity. Regular updates and security assessments are recommended to mitigate exposure to such vulnerabilities.
Affected Version(s)
TeamCity 0 < 2024.03
References
CVSS V3.1
Score:
8.1
Severity:
HIGH
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved