CVE-2023-38065: XSS
First published: Wed Jul 12 2023(Updated: )
In JetBrains TeamCity before 2023.05.1 stored XSS while viewing the build log was possible
Credit: security@jetbrains.com security@jetbrains.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Jetbrains Teamcity | <2023.05.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID of the stored XSS vulnerability in JetBrains TeamCity?
The vulnerability ID is CVE-2023-38065.
What is the severity of the vulnerability CVE-2023-38065?
The severity of the vulnerability CVE-2023-38065 is medium with a severity value of 5.4.
How does the stored XSS vulnerability in JetBrains TeamCity occur?
The stored XSS vulnerability in JetBrains TeamCity occurs while viewing the build log.
Which versions of JetBrains TeamCity are affected by the vulnerability CVE-2023-38065?
JetBrains TeamCity versions up to but excluding 2023.05.1 are affected.
How can I fix the stored XSS vulnerability in JetBrains TeamCity?
To fix the stored XSS vulnerability, update your JetBrains TeamCity installation to version 2023.05.1 or higher.
- collector/nvd-latest
- collector/nvd-index
- agent/references
- agent/severity
- agent/weakness
- agent/author
- agent/type
- agent/event
- agent/description
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- agent/tags
- collector/nvd-api
- agent/software-canonical-lookup-request
- vendor/jetbrains
- canonical/jetbrains teamcity