What the vulnerability does
01Description
In JetBrains TeamCity before 2024.07 stored XSS was possible on the Code Inspection tab
CVSS base score
4.6/10
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N
Key dates
02Disclosure timeline
July 22, 2024
CVE published
August 2, 2024
Record updated
External resources
03References
Related vulnerabilities
04Related CVE
CVE-2021-24902 Typebot < 1.4.3 - Admin+ Stored Cross Site Scripting
CVE-2022-23054 Openmct XSS via the “Summary Widget”
CVE-2024-52457 WordPress Youneeq Recommendations plugin <= 3.0.7 - Reflected Cross Site Scripting (XSS) vulnerability
CVE-2025-46350 Yeswiki Vulnerable to Authenticated Reflected Cross-site Scripting
CVE-2024-3583 Simple Like Page Plugin <= 1.5.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
