CVE-2024-47951

CVSS 3.1 Score 3.5 of 10 (low)

Details

Published Oct 8, 2024
Updated: Oct 11, 2024
CWE ID 79

Summary

CVE-2024-47951 is a vulnerability present in JetBrains TeamCity versions prior to 2024.07.3, which allows for stored Cross-Site Scripting (XSS) attacks via server global settings. The affected products include various iterations of TeamCity, potentially impacting organizations that rely on this software for project management and continuous integration. To remediate the vulnerability, users are advised to upgrade to version 2024.07.3 or later as soon as possible. The exploit requires high privileges and user interaction, but it poses a low base severity risk with a score of 3.5 on the CVSS scale, indicating low potential impact on confidentiality and integrity. Organizations should be aware that although the risk is assessed as low, the presence of XSS vulnerabilities can still lead to significant security concerns if exploited improperly.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share