stefan-500

2 exploits Active since Feb 2021
CVE-2023-45612 NOMISEC HIGH WRITEUP
JetBrains Ktor < 2.3.5 - XML External Entity Injection via Default ContentNegotiation
In JetBrains Ktor before 2.3.5 default configuration of ContentNegotiation with XML format was vulnerable to XXE
CVSS 8.6
CVE-2020-35667 NOMISEC HIGH WORKING POC
JetBrains TeamCity < 2020.2.85695 - Server-Side Request Forgery
JetBrains TeamCity Plugin before 2020.2.85695 SSRF. Vulnerability that could potentially expose user credentials.
CVSS 7.5