CVE-2022-29929 LOW

CVE-2022-29929

Vendor Jetbrains

Product TeamCity

Weakness CWE-79 · XSS

Published May 12, 2022

Last update August 3, 2024

View on NVD All CVEs

CVSS base score

3.7/10

Attack vector Network

Attack complexity High

Privileges required Low

User interaction Required

Confidentiality Low

Integrity Low

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:N

What the vulnerability does

01Description

In JetBrains TeamCity before 2022.04 potential XSS via Referrer header was possible

Key dates

02Disclosure timeline

May 12, 2022 CVE published

August 3, 2024 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2022-29929 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/79.html

Related vulnerabilities

04Related CVE

CVE-2026-26997 ClipBucket v5 has Stored XSS via Collection name CVE-2023-45010 WordPress Complete Open Graph Plugin <= 3.4.5 is vulnerable to Cross Site Scripting (XSS) CVE-2026-3879 Stored XSS Vulnerability CVE-2025-10026 itsourcecode POS Point of Sale System -complex_header.php cross site scripting CVE-2024-32592 WordPress Void Elementor WHMCS Elements For Elementor Page Builder plugin <= 2.0 - Cross Site Scripting (XSS) vulnerability