CVE-2024-47951
CVSS 3.1 Score 3.5 of 10 (low)
Details
Summary
CVE-2024-47951 is a vulnerability present in JetBrains TeamCity versions prior to 2024.07.3, which allows for stored Cross-Site Scripting (XSS) attacks via server global settings. The affected products include various iterations of TeamCity, potentially impacting organizations that rely on this software for project management and continuous integration. To remediate the vulnerability, users are advised to upgrade to version 2024.07.3 or later as soon as possible. The exploit requires high privileges and user interaction, but it poses a low base severity risk with a score of 3.5 on the CVSS scale, indicating low potential impact on confidentiality and integrity. Organizations should be aware that although the risk is assessed as low, the presence of XSS vulnerabilities can still lead to significant security concerns if exploited improperly.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.