JetBrains TeamCity 8 and 9 before 9.0.2 allows bypass of account-creation restrictions via a crafted request because the required request data can be deduced by reading HTML and JavaScript files that are returned to the web browser after an initial unauthenticated request.
Metrics
Affected Vendors & Products
References
History
Tue, 26 Nov 2024 20:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2023-06-29T14:07:44.700Z
Updated: 2024-11-26T19:30:02.252Z
Reserved: 2015-01-22T00:00:00.000Z
Link: CVE-2015-1313
Vulnrichment
Updated: 2024-08-06T04:40:18.192Z
NVD
Status : Modified
Published: 2023-06-29T15:15:09.190
Modified: 2024-11-21T02:25:08.713
Link: CVE-2015-1313
Redhat
No data.