CVE-2023-41250 LOW

CVE-2023-41250

Vendor Jetbrains

Product TeamCity

Weakness CWE-79 · XSS

Published August 25, 2023

Last update September 27, 2024

View on NVD All CVEs

CVSS base score

3.5/10

Attack vector Network

Attack complexity Low

Privileges required High

User interaction Required

Confidentiality Low

Integrity Low

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:N

What the vulnerability does

01Description

In JetBrains TeamCity before 2023.05.3 reflected XSS was possible during user registration

Key dates

02Disclosure timeline

August 25, 2023 CVE published

September 27, 2024 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2023-41250 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/79.html

Related vulnerabilities

04Related CVE

CVE-2020-10630 CVE-2019-25742 WordPress Theme Zoner Real Estate 4.1.1 Persistent XSS CVE-2025-13692 Unlimited Elements For Elementor and Unlimited Elements For Elementor (Premium) <= 2.0 - Unauthenticated Stored Cross-Site Scripting via SVG File Upload CVE-2024-50462 WordPress Interactive World Map plugin <= 3.4.4 - Cross Site Scripting (XSS) vulnerability CVE-2024-13197 donglight bookstore电商书城系统说明 AdminUserControlle.java updateUser cross site scripting