PT-2024-2528 · Jetbrains · Jetbrains Teamcity+1
Published
2024-03-27
·
Updated
2024-04-08
·
CVE-2024-31135
CVSS v2.0
6.4
Medium
| Vector | AV:N/AC:L/Au:N/C:P/I:P/A:N |
Name of the Vulnerable Software and Affected Versions
JetBrains TeamCity versions prior to 2024.03
Description
The issue is related to an open redirect vulnerability on the login page of JetBrains TeamCity. This could allow a remote attacker to redirect a user to an arbitrary URL.
Recommendations
For versions prior to 2024.03, update to version 2024.03 or later to resolve the issue. As a temporary workaround, consider restricting access to the login page to minimize the risk of exploitation.
Fix
Open Redirect
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Jetbrains Teamcity
Teamcity