PT-2020-19837 · Jetbrains · Teamcity
Published
2020-01-24
·
Updated
2021-07-21
·
CVE-2020-7908
CVSS v3.1
4.3
Medium
| Vector | AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
JetBrains TeamCity versions prior to 2019.1.5
Description
The issue concerns reverse tabnabbing, which was possible on several pages. This means that an attacker could potentially manipulate the browser's behavior by opening a new tab with a malicious page, making it appear as if the new tab is related to the original page.
Recommendations
For versions prior to 2019.1.5, update to version 2019.1.5 or later to resolve the issue.
Fix
Improper Privilege Management
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Teamcity