CVE Catalog
CVE-2023-41250
LowCVSS 3.5Exploitation Probability (EPSS)
Low risk0.32%
23th percentile — higher than 23% of all known CVEs
Summary
In JetBrains TeamCity versions before 2023.05.3, reflected XSS was possible during user registration.
Risk Assessment
An attacker could exploit this vulnerability to inject malicious scripts, potentially leading to user data theft or session hijacking.
Recommendation
It is recommended to upgrade JetBrains TeamCity to version 2023.05.3 or later to mitigate this vulnerability.
Original NVD description (English source)
In JetBrains TeamCity before 2023.05.3 reflected XSS was possible during user registration

