SB2025121167 - Multiple vulnerabilities in JetBrains TeamCity

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2025121167

SB2025121167 - Multiple vulnerabilities in JetBrains TeamCity

Published: December 11, 2025 Updated: December 29, 2025

Security Bulletin ID SB2025121167
Severity
Medium
Patch available
YES
Number of vulnerabilities 8
Exploitation vector Remote access
Highest impact Data manipulation

Breakdown by Severity

Medium 13% Low 88%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 8 secuirty vulnerabilities.


1) Path traversal (CVE-ID: CVE-2025-67742)

The vulnerability allows a remote user to perform directory traversal attacks.

The vulnerability exists due to input validation error when processing directory traversal sequences during file upload. A remote attacker can send a specially crafted HTTP request and read arbitrary files on the system.


2) Stored cross-site scripting (CVE-ID: CVE-2025-67741)

The disclosed vulnerability allows a remote user to perform cross-site scripting (XSS) attacks.

The vulnerability exists due to insufficient sanitization of user-supplied data passed via session atribute. A remote user can inject and execute arbitrary HTML and script code in user's browser in context of vulnerable website.


3) Incorrect authorization (CVE-ID: CVE-2025-67740)

The vulnerability allows a remote user to gain access to sensitive information.

The vulnerability exists due to incorrect authorization checks. A remote user can obtain GitHub App token's metadata. 


4) Inclusion of Functionality from Untrusted Control Sphere (CVE-ID: CVE-2025-68162)

The vulnerability allows a remote user to perform spoofing attack.

The vulnerability exists due to the Maven embedder allows loading extensions via project configuration. A remote user can influence application integrity and perform spoofing attack. 


5) Stored cross-site scripting (CVE-ID: CVE-2025-68163)

The disclosed vulnerability allows a remote user to perform cross-site scripting (XSS) attacks.

The vulnerability exists due to insufficient sanitization of user-supplied data. A remote user can inject and execute arbitrary HTML and script code in user's browser in context of vulnerable website.


6) Observable discrepancy (CVE-ID: CVE-2025-68164)

The vulnerability allows a remote user to gain access to sensitive information.

The vulnerability exists due to an error within the Perforce connection test implementation. A remote user can enumerate open ports. 



7) DOM-based cross-site scripting (CVE-ID: CVE-2025-68166)

The disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.

The vulnerability exists due to insufficient sanitization of user-supplied data on the OAuth connections tab. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in user's browser in context of vulnerable website.

Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.


8) Cross-site scripting (CVE-ID: CVE-2025-68165)

The disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.

The vulnerability exists due to insufficient sanitization of user-supplied data in VCS Root setup. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in user's browser in context of vulnerable website.

Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.


Remediation

Install update from vendor's website.

References