CVE-2023-38061: XSS
First published: Wed Jul 12 2023(Updated: )
In JetBrains TeamCity before 2023.05.1 stored XSS when using a custom theme was possible
Credit: security@jetbrains.com security@jetbrains.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Jetbrains Teamcity | <2023.05.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this TeamCity vulnerability?
The vulnerability ID for this TeamCity vulnerability is CVE-2023-38061.
What is the title of this TeamCity vulnerability?
The title of this TeamCity vulnerability is 'In JetBrains TeamCity before 2023.05.1 stored XSS when using a custom theme was possible'.
What is the severity of CVE-2023-38061?
The severity of CVE-2023-38061 is medium, with a severity value of 5.4.
How does this vulnerability affect JetBrains TeamCity?
This vulnerability affects JetBrains TeamCity versions up to and exclusive of 2023.05.1.
How can I fix the CVE-2023-38061 vulnerability?
To fix the CVE-2023-38061 vulnerability, update your JetBrains TeamCity installation to version 2023.05.1 or later.
- collector/nvd-latest
- collector/nvd-index
- agent/author
- agent/type
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- collector/nvd-api
- agent/software-canonical-lookup-request
- agent/references
- agent/weakness
- agent/severity
- agent/description
- agent/tags
- agent/event
- collector/mitre-cve
- source/MITRE
- vendor/jetbrains
- canonical/jetbrains teamcity