What the vulnerability does
01Description
In JetBrains TeamCity before 2025.03.3 reflected XSS on diskUsageBuildsStats page was possible
CVSS base score
4.8/10
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
Key dates
02Disclosure timeline
June 23, 2025
CVE published
June 23, 2025
Record updated
External resources
03References
Related vulnerabilities
04Related CVE
CVE-2025-46957 Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79)
CVE-2024-50339 GLPI vulnerable to unauthenticated session hijacking
CVE-2025-54853
CVE-2023-1881 Cross-site Scripting (XSS) - Stored in microweber/microweber
CVE-2026-57338 WordPress ARForms plugin <= 7.1.2 - Reflected Cross Site Scripting (XSS) vulnerability
