JetBrains TeamCity prior 2022.04 Header Referrer cross site scripting

A vulnerability has been found in JetBrains TeamCity and classified as problematic. This vulnerability affects some unknown processing of the component Header Handler. Upgrading to version 2022.04 eliminates this vulnerability.

Field05/12/2022 12:52 PM05/14/2022 04:55 PM05/14/2022 05:03 PM
vendorJetBrainsJetBrainsJetBrains
nameTeamCityTeamCityTeamCity
componentHeader HandlerHeader HandlerHeader Handler
argumentReferrerReferrerReferrer
cwe79 (cross site scripting)79 (cross site scripting)79 (cross site scripting)
risk111
cvss3_vuldb_avNNN
cvss3_vuldb_acLLL
cvss3_vuldb_prLLL
cvss3_vuldb_uiRRR
cvss3_vuldb_sUUU
cvss3_vuldb_cNNN
cvss3_vuldb_iLLL
cvss3_vuldb_aNNN
cvss3_vuldb_rlOOO
cvss3_vuldb_rcCCC
urlhttps://www.jetbrains.com/privacy-security/issues-fixed/https://www.jetbrains.com/privacy-security/issues-fixed/https://www.jetbrains.com/privacy-security/issues-fixed/
nameUpgradeUpgradeUpgrade
upgrade_version2022.042022.042022.04
cveCVE-2022-29929CVE-2022-29929CVE-2022-29929
cve_assigned165118320016511832001651183200
date1652306400 (05/12/2022)1652306400 (05/12/2022)1652306400 (05/12/2022)
cvss2_vuldb_avNNN
cvss2_vuldb_acLLL
cvss2_vuldb_ciNNN
cvss2_vuldb_iiPPP
cvss2_vuldb_aiNNN
cvss2_vuldb_rcCCC
cvss2_vuldb_rlOFOFOF
cvss2_vuldb_auSSS
cvss2_vuldb_eNDNDND
cvss3_vuldb_eXXX
cvss2_vuldb_basescore4.04.04.0
cvss2_vuldb_tempscore3.53.53.5
cvss3_vuldb_basescore3.53.53.5
cvss3_vuldb_tempscore3.43.43.4
cvss3_meta_basescore3.53.53.6
cvss3_meta_tempscore3.43.43.5
price_0day$0-$5k$0-$5k$0-$5k
cve_nvd_summaryIn JetBrains TeamCity before 2022.04 potential XSS via Referrer header was possibleIn JetBrains TeamCity before 2022.04 potential XSS via Referrer header was possible
cvss3_cna_avN
cvss3_cna_acH
cvss3_cna_prL
cvss3_cna_uiR
cvss3_cna_sU
cvss3_cna_cL
cvss3_cna_iL
cvss3_cna_aN
cve_cnaJetBrains s.r.o.
cvss3_cna_basescore3.7

Want to stay up to date on a daily basis?

Enable the mail alert feature now!