CVE-2022-48427
MEDIUMJetBrains TeamCity < 2022.10.3 - Stored Cross-Site Scripting on Pending Changes and Changes Tabs
Title source: llmDescription
In JetBrains TeamCity before 2022.10.3 stored XSS on “Pending changes” and “Changes” tabs was possible
References (1)
Core 1
Core References
Issue Tracking, Vendor Advisory
https://www.jetbrains.com/privacy-security/issues-fixed/
Scores
CVSS v3
4.6
EPSS
0.0008
EPSS Percentile
22.8%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
partial
Details
CWE
CWE-79
Status
published
Products (1)
jetbrains/teamcity
< 2022.10.3
Published
Mar 27, 2023
Tracked Since
Feb 18, 2026