CVE-2026-49381

Name of the Vulnerable Software and Affected Versions JetBrains TeamCity versions prior to 2026.1

Description A stored cross-site scripting (XSS) issue exists on the SAML login page. Stored XSS occurs when an application receives data from a user and includes that data within its later HTTP responses in an unsafe way, allowing an attacker to execute malicious scripts in the victim's browser.

Recommendations Update to version 2026.1.