CVE-2024-36366 MEDIUM

CVE-2024-36366

Vendor Jetbrains

Product TeamCity

Weakness CWE-79 · XSS

Published May 29, 2024

Last update August 2, 2024

CVSS base score

5.4/10

Attack vector Network

Attack complexity Low

Privileges required None

User interaction Required

Confidentiality Low

Integrity Low

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N

What the vulnerability does

01Description

In JetBrains TeamCity before 2022.04.7, 2022.10.6, 2023.05.6, 2023.11.5 an XSS could be executed via certain report grouping and filtering operations

Key dates

May 29, 2024 CVE published

August 2, 2024 Record updated

External resources

Related vulnerabilities

CVE CVE-2024-36366

CWE CWE-79

CVSS 5.4 / MEDIUM

Vendor Jetbrains

Product TeamCity

Affected < 2022.04.7, 2022.10.6, 2023.05.6, 2023.11.5