CVE-2024-35302

Name of the Vulnerable Software and Affected Versions JetBrains TeamCity versions prior to 2023.11

Description The issue is related to a stored XSS vulnerability during the restore from backup process. This could allow a remote attacker to conduct cross-site scripting attacks. The vulnerability is associated with the failure to protect the web page structure.

Recommendations For versions prior to 2023.11, update to version 2023.11 or later to resolve the issue. As a temporary workaround, consider restricting access to the backup restore functionality until a patch is applied.