{"vulnerability": "cve-2024-3636", "sightings": [{"uuid": "a4b51993-44ec-48c5-ac33-c6472a619e92", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-36363", "type": "seen", "source": "Telegram/DASdBAzd_yFqiCt-TEWD5i84DOJh0xCyfOR9Q_3VL29Y", "content": "", "creation_timestamp": "2024-05-29T18:53:28.000000Z"}, {"uuid": "350900b8-dc60-40d0-bb62-c6080471a581", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-36364", "type": "seen", "source": "Telegram/DASdBAzd_yFqiCt-TEWD5i84DOJh0xCyfOR9Q_3VL29Y", "content": "", "creation_timestamp": "2024-05-29T18:53:28.000000Z"}, {"uuid": "09aa0ef7-1637-43bc-b2b2-29f1cbc2ce31", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-36369", "type": "seen", "source": "Telegram/DASdBAzd_yFqiCt-TEWD5i84DOJh0xCyfOR9Q_3VL29Y", "content": "", "creation_timestamp": "2024-05-29T18:53:28.000000Z"}, {"uuid": "b7d636dd-89cd-455c-a57d-1e933271bc87", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-36365", "type": "seen", "source": "Telegram/DASdBAzd_yFqiCt-TEWD5i84DOJh0xCyfOR9Q_3VL29Y", "content": "", "creation_timestamp": "2024-05-29T18:53:28.000000Z"}, {"uuid": "abd17788-68b2-4906-9935-f17066763b31", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-36366", "type": "seen", "source": "https://t.me/DARK_SPOT_TEAM/581", "content": "\ud83d\udea8 CVE-2024-36362\nIn JetBrains TeamCity before 2022.04.6, 2022.10.5, 2023.05.5, 2023.11.5, 2024.03.2 path traversal allowing to read files from server was possible\n\n\ud83d\udea8 CVE-2024-36363\nIn JetBrains TeamCity before 2022.04.6, 2022.10.5, 2023.05.5, 2023.11.5 several Stored XSS in code inspection reports were possible\n\n\n\n\ud83d\udea8 CVE-2024-36364\nIn JetBrains TeamCity before 2022.04.6, 2022.10.5, 2023.05.5, 2023.11.5 improper access control in Pull Requests and Commit status publisher build features was possible\n\n\n\n\ud83d\udea8 CVE-2024-36365\nIn JetBrains TeamCity before 2022.04.6, 2022.10.5, 2023.05.5, 2023.11.5, 2024.03.2 a third-party agent could impersonate a cloud agent\n\n\n\n\ud83d\udea8 CVE-2024-36366\nIn JetBrains TeamCity before 2022.04.6, 2022.10.5, 2023.05.5, 2023.11.5 an XSS could be executed via certain report grouping and filtering operations\n\n\n\n\ud83d\udea8 CVE-2024-36367\nIn JetBrains TeamCity before 2022.04.6, 2022.10.5, 2023.05.5, 2023.11.5 stored XSS via third-party reports was possible\n\n\n\n\ud83d\udea8 CVE-2024-36368\nIn JetBrains TeamCity before 2022.04.6, 2022.10.5, 2023.05.5, 2023.11.5 reflected XSS via OAuth provider configuration was possible\n\n\n\n\ud83d\udea8 CVE-2024-36369\nIn JetBrains TeamCity before 2022.04.6, 2022.10.5, 2023.05.5, 2023.11.5 stored XSS via issue tracker integration was possible\n\n\n\n\ud83d\udea8 CVE-2024-36370\nIn JetBrains TeamCity before 2022.04.6, 2022.10.5, 2023.05.5, 2023.11.5 stored XSS via OAuth connection settings was possible\n\n\n\ud83d\udea8 CVE-2024-36371\nIn JetBrains TeamCity before 2023.05.5, 2023.11.5 stored XSS in Commit status publisher was possible\n\n\n\ud83d\udea8 CVE-2024-36372\nIn JetBrains TeamCity before 2023.05.5 reflected XSS on the subscriptions page was possible\n\n\n\ud83d\udea8 CVE-2024-36373\nIn JetBrains TeamCity before 2024.03.2 several stored XSS in untrusted builds settings were possible", "creation_timestamp": "2024-05-29T18:53:28.000000Z"}, {"uuid": "95580f2f-9f3d-4699-8479-8e4a6bffbbd3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-36362", "type": "seen", "source": "Telegram/DASdBAzd_yFqiCt-TEWD5i84DOJh0xCyfOR9Q_3VL29Y", "content": "", "creation_timestamp": "2024-05-29T18:53:28.000000Z"}, {"uuid": "1cce86e5-63c8-4e36-8ee6-0c41132cb9ca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-36366", "type": "seen", "source": "Telegram/DASdBAzd_yFqiCt-TEWD5i84DOJh0xCyfOR9Q_3VL29Y", "content": "", "creation_timestamp": "2024-05-29T18:53:28.000000Z"}, {"uuid": "37bba874-976b-49d5-a7a3-b63ea0b05bda", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-36367", "type": "seen", "source": "Telegram/DASdBAzd_yFqiCt-TEWD5i84DOJh0xCyfOR9Q_3VL29Y", "content": "", "creation_timestamp": "2024-05-29T18:53:28.000000Z"}, {"uuid": "cf7fff5c-cee7-4518-9a50-5f7edd1d88e5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-3636", "type": "seen", "source": "https://t.me/cvedetector/2436", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-3636 - Pinpoint Booking System WordPress Stored Cross-Site Scripting Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-3636 \nPublished : Aug. 5, 2024, 6:16 a.m. | 26\u00a0minutes ago \nDescription : The Pinpoint Booking System  WordPress plugin before 2.9.9.4.8 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup) \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"05 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-05T08:53:27.000000Z"}, {"uuid": "0511a2e1-e4bf-4d52-a12b-1b57e9e3ce5d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-36367", "type": "seen", "source": "https://t.me/ZeroEthical_Course/320", "content": "\ud83d\udea8 CVE-2024-36362\nIn JetBrains TeamCity before 2022.04.6, 2022.10.5, 2023.05.5, 2023.11.5, 2024.03.2 path traversal allowing to read files from server was possible\n\n\ud83d\udea8 CVE-2024-36363\nIn JetBrains TeamCity before 2022.04.6, 2022.10.5, 2023.05.5, 2023.11.5 several Stored XSS in code inspection reports were possible\n\n\n\n\ud83d\udea8 CVE-2024-36364\nIn JetBrains TeamCity before 2022.04.6, 2022.10.5, 2023.05.5, 2023.11.5 improper access control in Pull Requests and Commit status publisher build features was possible\n\n\n\n\ud83d\udea8 CVE-2024-36365\nIn JetBrains TeamCity before 2022.04.6, 2022.10.5, 2023.05.5, 2023.11.5, 2024.03.2 a third-party agent could impersonate a cloud agent\n\n\n\n\ud83d\udea8 CVE-2024-36366\nIn JetBrains TeamCity before 2022.04.6, 2022.10.5, 2023.05.5, 2023.11.5 an XSS could be executed via certain report grouping and filtering operations\n\n\n\n\ud83d\udea8 CVE-2024-36367\nIn JetBrains TeamCity before 2022.04.6, 2022.10.5, 2023.05.5, 2023.11.5 stored XSS via third-party reports was possible\n\n\n\n\ud83d\udea8 CVE-2024-36368\nIn JetBrains TeamCity before 2022.04.6, 2022.10.5, 2023.05.5, 2023.11.5 reflected XSS via OAuth provider configuration was possible\n\n\n\n\ud83d\udea8 CVE-2024-36369\nIn JetBrains TeamCity before 2022.04.6, 2022.10.5, 2023.05.5, 2023.11.5 stored XSS via issue tracker integration was possible\n\n\n\n\ud83d\udea8 CVE-2024-36370\nIn JetBrains TeamCity before 2022.04.6, 2022.10.5, 2023.05.5, 2023.11.5 stored XSS via OAuth connection settings was possible\n\n\n\ud83d\udea8 CVE-2024-36371\nIn JetBrains TeamCity before 2023.05.5, 2023.11.5 stored XSS in Commit status publisher was possible\n\n\n\ud83d\udea8 CVE-2024-36372\nIn JetBrains TeamCity before 2023.05.5 reflected XSS on the subscriptions page was possible\n\n\n\ud83d\udea8 CVE-2024-36373\nIn JetBrains TeamCity before 2024.03.2 several stored XSS in untrusted builds settings were possible\n\n\ud83d\udcda ZeroEthical Course \ud83d\udc8e", "creation_timestamp": "2024-06-05T05:59:45.000000Z"}, {"uuid": "4c1eb326-90f6-41f7-92ad-a4cbd3102212", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-36368", "type": "seen", "source": "https://t.me/ZeroEthical_Course/320", "content": "\ud83d\udea8 CVE-2024-36362\nIn JetBrains TeamCity before 2022.04.6, 2022.10.5, 2023.05.5, 2023.11.5, 2024.03.2 path traversal allowing to read files from server was possible\n\n\ud83d\udea8 CVE-2024-36363\nIn JetBrains TeamCity before 2022.04.6, 2022.10.5, 2023.05.5, 2023.11.5 several Stored XSS in code inspection reports were possible\n\n\n\n\ud83d\udea8 CVE-2024-36364\nIn JetBrains TeamCity before 2022.04.6, 2022.10.5, 2023.05.5, 2023.11.5 improper access control in Pull Requests and Commit status publisher build features was possible\n\n\n\n\ud83d\udea8 CVE-2024-36365\nIn JetBrains TeamCity before 2022.04.6, 2022.10.5, 2023.05.5, 2023.11.5, 2024.03.2 a third-party agent could impersonate a cloud agent\n\n\n\n\ud83d\udea8 CVE-2024-36366\nIn JetBrains TeamCity before 2022.04.6, 2022.10.5, 2023.05.5, 2023.11.5 an XSS could be executed via certain report grouping and filtering operations\n\n\n\n\ud83d\udea8 CVE-2024-36367\nIn JetBrains TeamCity before 2022.04.6, 2022.10.5, 2023.05.5, 2023.11.5 stored XSS via third-party reports was possible\n\n\n\n\ud83d\udea8 CVE-2024-36368\nIn JetBrains TeamCity before 2022.04.6, 2022.10.5, 2023.05.5, 2023.11.5 reflected XSS via OAuth provider configuration was possible\n\n\n\n\ud83d\udea8 CVE-2024-36369\nIn JetBrains TeamCity before 2022.04.6, 2022.10.5, 2023.05.5, 2023.11.5 stored XSS via issue tracker integration was possible\n\n\n\n\ud83d\udea8 CVE-2024-36370\nIn JetBrains TeamCity before 2022.04.6, 2022.10.5, 2023.05.5, 2023.11.5 stored XSS via OAuth connection settings was possible\n\n\n\ud83d\udea8 CVE-2024-36371\nIn JetBrains TeamCity before 2023.05.5, 2023.11.5 stored XSS in Commit status publisher was possible\n\n\n\ud83d\udea8 CVE-2024-36372\nIn JetBrains TeamCity before 2023.05.5 reflected XSS on the subscriptions page was possible\n\n\n\ud83d\udea8 CVE-2024-36373\nIn JetBrains TeamCity before 2024.03.2 several stored XSS in untrusted builds settings were possible\n\n\ud83d\udcda ZeroEthical Course \ud83d\udc8e", "creation_timestamp": "2024-06-05T05:59:45.000000Z"}, {"uuid": "b18b1882-def4-4c49-b7fb-6ad809a5c683", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-36363", "type": "seen", "source": "https://t.me/ZeroEthical_Course/320", "content": "\ud83d\udea8 CVE-2024-36362\nIn JetBrains TeamCity before 2022.04.6, 2022.10.5, 2023.05.5, 2023.11.5, 2024.03.2 path traversal allowing to read files from server was possible\n\n\ud83d\udea8 CVE-2024-36363\nIn JetBrains TeamCity before 2022.04.6, 2022.10.5, 2023.05.5, 2023.11.5 several Stored XSS in code inspection reports were possible\n\n\n\n\ud83d\udea8 CVE-2024-36364\nIn JetBrains TeamCity before 2022.04.6, 2022.10.5, 2023.05.5, 2023.11.5 improper access control in Pull Requests and Commit status publisher build features was possible\n\n\n\n\ud83d\udea8 CVE-2024-36365\nIn JetBrains TeamCity before 2022.04.6, 2022.10.5, 2023.05.5, 2023.11.5, 2024.03.2 a third-party agent could impersonate a cloud agent\n\n\n\n\ud83d\udea8 CVE-2024-36366\nIn JetBrains TeamCity before 2022.04.6, 2022.10.5, 2023.05.5, 2023.11.5 an XSS could be executed via certain report grouping and filtering operations\n\n\n\n\ud83d\udea8 CVE-2024-36367\nIn JetBrains TeamCity before 2022.04.6, 2022.10.5, 2023.05.5, 2023.11.5 stored XSS via third-party reports was possible\n\n\n\n\ud83d\udea8 CVE-2024-36368\nIn JetBrains TeamCity before 2022.04.6, 2022.10.5, 2023.05.5, 2023.11.5 reflected XSS via OAuth provider configuration was possible\n\n\n\n\ud83d\udea8 CVE-2024-36369\nIn JetBrains TeamCity before 2022.04.6, 2022.10.5, 2023.05.5, 2023.11.5 stored XSS via issue tracker integration was possible\n\n\n\n\ud83d\udea8 CVE-2024-36370\nIn JetBrains TeamCity before 2022.04.6, 2022.10.5, 2023.05.5, 2023.11.5 stored XSS via OAuth connection settings was possible\n\n\n\ud83d\udea8 CVE-2024-36371\nIn JetBrains TeamCity before 2023.05.5, 2023.11.5 stored XSS in Commit status publisher was possible\n\n\n\ud83d\udea8 CVE-2024-36372\nIn JetBrains TeamCity before 2023.05.5 reflected XSS on the subscriptions page was possible\n\n\n\ud83d\udea8 CVE-2024-36373\nIn JetBrains TeamCity before 2024.03.2 several stored XSS in untrusted builds settings were possible\n\n\ud83d\udcda ZeroEthical Course \ud83d\udc8e", "creation_timestamp": "2024-06-05T05:59:45.000000Z"}, {"uuid": "ffc2514b-07ed-42e6-8a65-4ee027d6655a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-36364", "type": "seen", "source": "https://t.me/ZeroEthical_Course/320", "content": "\ud83d\udea8 CVE-2024-36362\nIn JetBrains TeamCity before 2022.04.6, 2022.10.5, 2023.05.5, 2023.11.5, 2024.03.2 path traversal allowing to read files from server was possible\n\n\ud83d\udea8 CVE-2024-36363\nIn JetBrains TeamCity before 2022.04.6, 2022.10.5, 2023.05.5, 2023.11.5 several Stored XSS in code inspection reports were possible\n\n\n\n\ud83d\udea8 CVE-2024-36364\nIn JetBrains TeamCity before 2022.04.6, 2022.10.5, 2023.05.5, 2023.11.5 improper access control in Pull Requests and Commit status publisher build features was possible\n\n\n\n\ud83d\udea8 CVE-2024-36365\nIn JetBrains TeamCity before 2022.04.6, 2022.10.5, 2023.05.5, 2023.11.5, 2024.03.2 a third-party agent could impersonate a cloud agent\n\n\n\n\ud83d\udea8 CVE-2024-36366\nIn JetBrains TeamCity before 2022.04.6, 2022.10.5, 2023.05.5, 2023.11.5 an XSS could be executed via certain report grouping and filtering operations\n\n\n\n\ud83d\udea8 CVE-2024-36367\nIn JetBrains TeamCity before 2022.04.6, 2022.10.5, 2023.05.5, 2023.11.5 stored XSS via third-party reports was possible\n\n\n\n\ud83d\udea8 CVE-2024-36368\nIn JetBrains TeamCity before 2022.04.6, 2022.10.5, 2023.05.5, 2023.11.5 reflected XSS via OAuth provider configuration was possible\n\n\n\n\ud83d\udea8 CVE-2024-36369\nIn JetBrains TeamCity before 2022.04.6, 2022.10.5, 2023.05.5, 2023.11.5 stored XSS via issue tracker integration was possible\n\n\n\n\ud83d\udea8 CVE-2024-36370\nIn JetBrains TeamCity before 2022.04.6, 2022.10.5, 2023.05.5, 2023.11.5 stored XSS via OAuth connection settings was possible\n\n\n\ud83d\udea8 CVE-2024-36371\nIn JetBrains TeamCity before 2023.05.5, 2023.11.5 stored XSS in Commit status publisher was possible\n\n\n\ud83d\udea8 CVE-2024-36372\nIn JetBrains TeamCity before 2023.05.5 reflected XSS on the subscriptions page was possible\n\n\n\ud83d\udea8 CVE-2024-36373\nIn JetBrains TeamCity before 2024.03.2 several stored XSS in untrusted builds settings were possible\n\n\ud83d\udcda ZeroEthical Course \ud83d\udc8e", "creation_timestamp": "2024-06-05T05:59:45.000000Z"}, {"uuid": "106532ba-1af2-4435-9714-cd29ca813734", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-36365", "type": "seen", "source": "https://t.me/ZeroEthical_Course/320", "content": "\ud83d\udea8 CVE-2024-36362\nIn JetBrains TeamCity before 2022.04.6, 2022.10.5, 2023.05.5, 2023.11.5, 2024.03.2 path traversal allowing to read files from server was possible\n\n\ud83d\udea8 CVE-2024-36363\nIn JetBrains TeamCity before 2022.04.6, 2022.10.5, 2023.05.5, 2023.11.5 several Stored XSS in code inspection reports were possible\n\n\n\n\ud83d\udea8 CVE-2024-36364\nIn JetBrains TeamCity before 2022.04.6, 2022.10.5, 2023.05.5, 2023.11.5 improper access control in Pull Requests and Commit status publisher build features was possible\n\n\n\n\ud83d\udea8 CVE-2024-36365\nIn JetBrains TeamCity before 2022.04.6, 2022.10.5, 2023.05.5, 2023.11.5, 2024.03.2 a third-party agent could impersonate a cloud agent\n\n\n\n\ud83d\udea8 CVE-2024-36366\nIn JetBrains TeamCity before 2022.04.6, 2022.10.5, 2023.05.5, 2023.11.5 an XSS could be executed via certain report grouping and filtering operations\n\n\n\n\ud83d\udea8 CVE-2024-36367\nIn JetBrains TeamCity before 2022.04.6, 2022.10.5, 2023.05.5, 2023.11.5 stored XSS via third-party reports was possible\n\n\n\n\ud83d\udea8 CVE-2024-36368\nIn JetBrains TeamCity before 2022.04.6, 2022.10.5, 2023.05.5, 2023.11.5 reflected XSS via OAuth provider configuration was possible\n\n\n\n\ud83d\udea8 CVE-2024-36369\nIn JetBrains TeamCity before 2022.04.6, 2022.10.5, 2023.05.5, 2023.11.5 stored XSS via issue tracker integration was possible\n\n\n\n\ud83d\udea8 CVE-2024-36370\nIn JetBrains TeamCity before 2022.04.6, 2022.10.5, 2023.05.5, 2023.11.5 stored XSS via OAuth connection settings was possible\n\n\n\ud83d\udea8 CVE-2024-36371\nIn JetBrains TeamCity before 2023.05.5, 2023.11.5 stored XSS in Commit status publisher was possible\n\n\n\ud83d\udea8 CVE-2024-36372\nIn JetBrains TeamCity before 2023.05.5 reflected XSS on the subscriptions page was possible\n\n\n\ud83d\udea8 CVE-2024-36373\nIn JetBrains TeamCity before 2024.03.2 several stored XSS in untrusted builds settings were possible\n\n\ud83d\udcda ZeroEthical Course \ud83d\udc8e", "creation_timestamp": "2024-06-05T05:59:45.000000Z"}, {"uuid": "97d6c391-1d2b-4213-bf31-ac893d69635d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-36362", "type": "seen", "source": "https://t.me/ZeroEthical_Course/320", "content": "\ud83d\udea8 CVE-2024-36362\nIn JetBrains TeamCity before 2022.04.6, 2022.10.5, 2023.05.5, 2023.11.5, 2024.03.2 path traversal allowing to read files from server was possible\n\n\ud83d\udea8 CVE-2024-36363\nIn JetBrains TeamCity before 2022.04.6, 2022.10.5, 2023.05.5, 2023.11.5 several Stored XSS in code inspection reports were possible\n\n\n\n\ud83d\udea8 CVE-2024-36364\nIn JetBrains TeamCity before 2022.04.6, 2022.10.5, 2023.05.5, 2023.11.5 improper access control in Pull Requests and Commit status publisher build features was possible\n\n\n\n\ud83d\udea8 CVE-2024-36365\nIn JetBrains TeamCity before 2022.04.6, 2022.10.5, 2023.05.5, 2023.11.5, 2024.03.2 a third-party agent could impersonate a cloud agent\n\n\n\n\ud83d\udea8 CVE-2024-36366\nIn JetBrains TeamCity before 2022.04.6, 2022.10.5, 2023.05.5, 2023.11.5 an XSS could be executed via certain report grouping and filtering operations\n\n\n\n\ud83d\udea8 CVE-2024-36367\nIn JetBrains TeamCity before 2022.04.6, 2022.10.5, 2023.05.5, 2023.11.5 stored XSS via third-party reports was possible\n\n\n\n\ud83d\udea8 CVE-2024-36368\nIn JetBrains TeamCity before 2022.04.6, 2022.10.5, 2023.05.5, 2023.11.5 reflected XSS via OAuth provider configuration was possible\n\n\n\n\ud83d\udea8 CVE-2024-36369\nIn JetBrains TeamCity before 2022.04.6, 2022.10.5, 2023.05.5, 2023.11.5 stored XSS via issue tracker integration was possible\n\n\n\n\ud83d\udea8 CVE-2024-36370\nIn JetBrains TeamCity before 2022.04.6, 2022.10.5, 2023.05.5, 2023.11.5 stored XSS via OAuth connection settings was possible\n\n\n\ud83d\udea8 CVE-2024-36371\nIn JetBrains TeamCity before 2023.05.5, 2023.11.5 stored XSS in Commit status publisher was possible\n\n\n\ud83d\udea8 CVE-2024-36372\nIn JetBrains TeamCity before 2023.05.5 reflected XSS on the subscriptions page was possible\n\n\n\ud83d\udea8 CVE-2024-36373\nIn JetBrains TeamCity before 2024.03.2 several stored XSS in untrusted builds settings were possible\n\n\ud83d\udcda ZeroEthical Course \ud83d\udc8e", "creation_timestamp": "2024-06-05T05:59:45.000000Z"}, {"uuid": "e2f03404-92aa-415e-94e7-df7cbfaf0c35", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-36366", "type": "seen", "source": "https://t.me/ZeroEthical_Course/320", "content": "\ud83d\udea8 CVE-2024-36362\nIn JetBrains TeamCity before 2022.04.6, 2022.10.5, 2023.05.5, 2023.11.5, 2024.03.2 path traversal allowing to read files from server was possible\n\n\ud83d\udea8 CVE-2024-36363\nIn JetBrains TeamCity before 2022.04.6, 2022.10.5, 2023.05.5, 2023.11.5 several Stored XSS in code inspection reports were possible\n\n\n\n\ud83d\udea8 CVE-2024-36364\nIn JetBrains TeamCity before 2022.04.6, 2022.10.5, 2023.05.5, 2023.11.5 improper access control in Pull Requests and Commit status publisher build features was possible\n\n\n\n\ud83d\udea8 CVE-2024-36365\nIn JetBrains TeamCity before 2022.04.6, 2022.10.5, 2023.05.5, 2023.11.5, 2024.03.2 a third-party agent could impersonate a cloud agent\n\n\n\n\ud83d\udea8 CVE-2024-36366\nIn JetBrains TeamCity before 2022.04.6, 2022.10.5, 2023.05.5, 2023.11.5 an XSS could be executed via certain report grouping and filtering operations\n\n\n\n\ud83d\udea8 CVE-2024-36367\nIn JetBrains TeamCity before 2022.04.6, 2022.10.5, 2023.05.5, 2023.11.5 stored XSS via third-party reports was possible\n\n\n\n\ud83d\udea8 CVE-2024-36368\nIn JetBrains TeamCity before 2022.04.6, 2022.10.5, 2023.05.5, 2023.11.5 reflected XSS via OAuth provider configuration was possible\n\n\n\n\ud83d\udea8 CVE-2024-36369\nIn JetBrains TeamCity before 2022.04.6, 2022.10.5, 2023.05.5, 2023.11.5 stored XSS via issue tracker integration was possible\n\n\n\n\ud83d\udea8 CVE-2024-36370\nIn JetBrains TeamCity before 2022.04.6, 2022.10.5, 2023.05.5, 2023.11.5 stored XSS via OAuth connection settings was possible\n\n\n\ud83d\udea8 CVE-2024-36371\nIn JetBrains TeamCity before 2023.05.5, 2023.11.5 stored XSS in Commit status publisher was possible\n\n\n\ud83d\udea8 CVE-2024-36372\nIn JetBrains TeamCity before 2023.05.5 reflected XSS on the subscriptions page was possible\n\n\n\ud83d\udea8 CVE-2024-36373\nIn JetBrains TeamCity before 2024.03.2 several stored XSS in untrusted builds settings were possible\n\n\ud83d\udcda ZeroEthical Course \ud83d\udc8e", "creation_timestamp": "2024-06-05T05:59:45.000000Z"}, {"uuid": "03f2ad02-2f0e-471a-b79b-c73ca4a6ae0b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-36368", "type": "seen", "source": "Telegram/DASdBAzd_yFqiCt-TEWD5i84DOJh0xCyfOR9Q_3VL29Y", "content": "", "creation_timestamp": "2024-05-29T18:53:28.000000Z"}, {"uuid": "01d9e2e2-6184-4468-9029-49c0e5075b8c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-36367", "type": "seen", "source": "https://t.me/DARK_SPOT_TEAM/581", "content": "\ud83d\udea8 CVE-2024-36362\nIn JetBrains TeamCity before 2022.04.6, 2022.10.5, 2023.05.5, 2023.11.5, 2024.03.2 path traversal allowing to read files from server was possible\n\n\ud83d\udea8 CVE-2024-36363\nIn JetBrains TeamCity before 2022.04.6, 2022.10.5, 2023.05.5, 2023.11.5 several Stored XSS in code inspection reports were possible\n\n\n\n\ud83d\udea8 CVE-2024-36364\nIn JetBrains TeamCity before 2022.04.6, 2022.10.5, 2023.05.5, 2023.11.5 improper access control in Pull Requests and Commit status publisher build features was possible\n\n\n\n\ud83d\udea8 CVE-2024-36365\nIn JetBrains TeamCity before 2022.04.6, 2022.10.5, 2023.05.5, 2023.11.5, 2024.03.2 a third-party agent could impersonate a cloud agent\n\n\n\n\ud83d\udea8 CVE-2024-36366\nIn JetBrains TeamCity before 2022.04.6, 2022.10.5, 2023.05.5, 2023.11.5 an XSS could be executed via certain report grouping and filtering operations\n\n\n\n\ud83d\udea8 CVE-2024-36367\nIn JetBrains TeamCity before 2022.04.6, 2022.10.5, 2023.05.5, 2023.11.5 stored XSS via third-party reports was possible\n\n\n\n\ud83d\udea8 CVE-2024-36368\nIn JetBrains TeamCity before 2022.04.6, 2022.10.5, 2023.05.5, 2023.11.5 reflected XSS via OAuth provider configuration was possible\n\n\n\n\ud83d\udea8 CVE-2024-36369\nIn JetBrains TeamCity before 2022.04.6, 2022.10.5, 2023.05.5, 2023.11.5 stored XSS via issue tracker integration was possible\n\n\n\n\ud83d\udea8 CVE-2024-36370\nIn JetBrains TeamCity before 2022.04.6, 2022.10.5, 2023.05.5, 2023.11.5 stored XSS via OAuth connection settings was possible\n\n\n\ud83d\udea8 CVE-2024-36371\nIn JetBrains TeamCity before 2023.05.5, 2023.11.5 stored XSS in Commit status publisher was possible\n\n\n\ud83d\udea8 CVE-2024-36372\nIn JetBrains TeamCity before 2023.05.5 reflected XSS on the subscriptions page was possible\n\n\n\ud83d\udea8 CVE-2024-36373\nIn JetBrains TeamCity before 2024.03.2 several stored XSS in untrusted builds settings were possible", "creation_timestamp": "2024-05-29T18:53:28.000000Z"}, {"uuid": "ce1a5bb4-2030-4882-98ab-f0f78b01c4f9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-36368", "type": "seen", "source": "https://t.me/DARK_SPOT_TEAM/581", "content": "\ud83d\udea8 CVE-2024-36362\nIn JetBrains TeamCity before 2022.04.6, 2022.10.5, 2023.05.5, 2023.11.5, 2024.03.2 path traversal allowing to read files from server was possible\n\n\ud83d\udea8 CVE-2024-36363\nIn JetBrains TeamCity before 2022.04.6, 2022.10.5, 2023.05.5, 2023.11.5 several Stored XSS in code inspection reports were possible\n\n\n\n\ud83d\udea8 CVE-2024-36364\nIn JetBrains TeamCity before 2022.04.6, 2022.10.5, 2023.05.5, 2023.11.5 improper access control in Pull Requests and Commit status publisher build features was possible\n\n\n\n\ud83d\udea8 CVE-2024-36365\nIn JetBrains TeamCity before 2022.04.6, 2022.10.5, 2023.05.5, 2023.11.5, 2024.03.2 a third-party agent could impersonate a cloud agent\n\n\n\n\ud83d\udea8 CVE-2024-36366\nIn JetBrains TeamCity before 2022.04.6, 2022.10.5, 2023.05.5, 2023.11.5 an XSS could be executed via certain report grouping and filtering operations\n\n\n\n\ud83d\udea8 CVE-2024-36367\nIn JetBrains TeamCity before 2022.04.6, 2022.10.5, 2023.05.5, 2023.11.5 stored XSS via third-party reports was possible\n\n\n\n\ud83d\udea8 CVE-2024-36368\nIn JetBrains TeamCity before 2022.04.6, 2022.10.5, 2023.05.5, 2023.11.5 reflected XSS via OAuth provider configuration was possible\n\n\n\n\ud83d\udea8 CVE-2024-36369\nIn JetBrains TeamCity before 2022.04.6, 2022.10.5, 2023.05.5, 2023.11.5 stored XSS via issue tracker integration was possible\n\n\n\n\ud83d\udea8 CVE-2024-36370\nIn JetBrains TeamCity before 2022.04.6, 2022.10.5, 2023.05.5, 2023.11.5 stored XSS via OAuth connection settings was possible\n\n\n\ud83d\udea8 CVE-2024-36371\nIn JetBrains TeamCity before 2023.05.5, 2023.11.5 stored XSS in Commit status publisher was possible\n\n\n\ud83d\udea8 CVE-2024-36372\nIn JetBrains TeamCity before 2023.05.5 reflected XSS on the subscriptions page was possible\n\n\n\ud83d\udea8 CVE-2024-36373\nIn JetBrains TeamCity before 2024.03.2 several stored XSS in untrusted builds settings were possible", "creation_timestamp": "2024-05-29T18:53:28.000000Z"}, {"uuid": "bc635df4-0350-4392-9147-18c90833867e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-36363", "type": "seen", "source": "https://t.me/DARK_SPOT_TEAM/581", "content": "\ud83d\udea8 CVE-2024-36362\nIn JetBrains TeamCity before 2022.04.6, 2022.10.5, 2023.05.5, 2023.11.5, 2024.03.2 path traversal allowing to read files from server was possible\n\n\ud83d\udea8 CVE-2024-36363\nIn JetBrains TeamCity before 2022.04.6, 2022.10.5, 2023.05.5, 2023.11.5 several Stored XSS in code inspection reports were possible\n\n\n\n\ud83d\udea8 CVE-2024-36364\nIn JetBrains TeamCity before 2022.04.6, 2022.10.5, 2023.05.5, 2023.11.5 improper access control in Pull Requests and Commit status publisher build features was possible\n\n\n\n\ud83d\udea8 CVE-2024-36365\nIn JetBrains TeamCity before 2022.04.6, 2022.10.5, 2023.05.5, 2023.11.5, 2024.03.2 a third-party agent could impersonate a cloud agent\n\n\n\n\ud83d\udea8 CVE-2024-36366\nIn JetBrains TeamCity before 2022.04.6, 2022.10.5, 2023.05.5, 2023.11.5 an XSS could be executed via certain report grouping and filtering operations\n\n\n\n\ud83d\udea8 CVE-2024-36367\nIn JetBrains TeamCity before 2022.04.6, 2022.10.5, 2023.05.5, 2023.11.5 stored XSS via third-party reports was possible\n\n\n\n\ud83d\udea8 CVE-2024-36368\nIn JetBrains TeamCity before 2022.04.6, 2022.10.5, 2023.05.5, 2023.11.5 reflected XSS via OAuth provider configuration was possible\n\n\n\n\ud83d\udea8 CVE-2024-36369\nIn JetBrains TeamCity before 2022.04.6, 2022.10.5, 2023.05.5, 2023.11.5 stored XSS via issue tracker integration was possible\n\n\n\n\ud83d\udea8 CVE-2024-36370\nIn JetBrains TeamCity before 2022.04.6, 2022.10.5, 2023.05.5, 2023.11.5 stored XSS via OAuth connection settings was possible\n\n\n\ud83d\udea8 CVE-2024-36371\nIn JetBrains TeamCity before 2023.05.5, 2023.11.5 stored XSS in Commit status publisher was possible\n\n\n\ud83d\udea8 CVE-2024-36372\nIn JetBrains TeamCity before 2023.05.5 reflected XSS on the subscriptions page was possible\n\n\n\ud83d\udea8 CVE-2024-36373\nIn JetBrains TeamCity before 2024.03.2 several stored XSS in untrusted builds settings were possible", "creation_timestamp": "2024-05-29T18:53:28.000000Z"}, {"uuid": "5ea40614-3165-41e8-8995-70eea123b5ac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-36364", "type": "seen", "source": "https://t.me/DARK_SPOT_TEAM/581", "content": "\ud83d\udea8 CVE-2024-36362\nIn JetBrains TeamCity before 2022.04.6, 2022.10.5, 2023.05.5, 2023.11.5, 2024.03.2 path traversal allowing to read files from server was possible\n\n\ud83d\udea8 CVE-2024-36363\nIn JetBrains TeamCity before 2022.04.6, 2022.10.5, 2023.05.5, 2023.11.5 several Stored XSS in code inspection reports were possible\n\n\n\n\ud83d\udea8 CVE-2024-36364\nIn JetBrains TeamCity before 2022.04.6, 2022.10.5, 2023.05.5, 2023.11.5 improper access control in Pull Requests and Commit status publisher build features was possible\n\n\n\n\ud83d\udea8 CVE-2024-36365\nIn JetBrains TeamCity before 2022.04.6, 2022.10.5, 2023.05.5, 2023.11.5, 2024.03.2 a third-party agent could impersonate a cloud agent\n\n\n\n\ud83d\udea8 CVE-2024-36366\nIn JetBrains TeamCity before 2022.04.6, 2022.10.5, 2023.05.5, 2023.11.5 an XSS could be executed via certain report grouping and filtering operations\n\n\n\n\ud83d\udea8 CVE-2024-36367\nIn JetBrains TeamCity before 2022.04.6, 2022.10.5, 2023.05.5, 2023.11.5 stored XSS via third-party reports was possible\n\n\n\n\ud83d\udea8 CVE-2024-36368\nIn JetBrains TeamCity before 2022.04.6, 2022.10.5, 2023.05.5, 2023.11.5 reflected XSS via OAuth provider configuration was possible\n\n\n\n\ud83d\udea8 CVE-2024-36369\nIn JetBrains TeamCity before 2022.04.6, 2022.10.5, 2023.05.5, 2023.11.5 stored XSS via issue tracker integration was possible\n\n\n\n\ud83d\udea8 CVE-2024-36370\nIn JetBrains TeamCity before 2022.04.6, 2022.10.5, 2023.05.5, 2023.11.5 stored XSS via OAuth connection settings was possible\n\n\n\ud83d\udea8 CVE-2024-36371\nIn JetBrains TeamCity before 2023.05.5, 2023.11.5 stored XSS in Commit status publisher was possible\n\n\n\ud83d\udea8 CVE-2024-36372\nIn JetBrains TeamCity before 2023.05.5 reflected XSS on the subscriptions page was possible\n\n\n\ud83d\udea8 CVE-2024-36373\nIn JetBrains TeamCity before 2024.03.2 several stored XSS in untrusted builds settings were possible", "creation_timestamp": "2024-05-29T18:53:28.000000Z"}, {"uuid": "a64d674f-3110-44c0-8246-4892fff25efa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-36369", "type": "seen", "source": "https://t.me/DARK_SPOT_TEAM/581", "content": "\ud83d\udea8 CVE-2024-36362\nIn JetBrains TeamCity before 2022.04.6, 2022.10.5, 2023.05.5, 2023.11.5, 2024.03.2 path traversal allowing to read files from server was possible\n\n\ud83d\udea8 CVE-2024-36363\nIn JetBrains TeamCity before 2022.04.6, 2022.10.5, 2023.05.5, 2023.11.5 several Stored XSS in code inspection reports were possible\n\n\n\n\ud83d\udea8 CVE-2024-36364\nIn JetBrains TeamCity before 2022.04.6, 2022.10.5, 2023.05.5, 2023.11.5 improper access control in Pull Requests and Commit status publisher build features was possible\n\n\n\n\ud83d\udea8 CVE-2024-36365\nIn JetBrains TeamCity before 2022.04.6, 2022.10.5, 2023.05.5, 2023.11.5, 2024.03.2 a third-party agent could impersonate a cloud agent\n\n\n\n\ud83d\udea8 CVE-2024-36366\nIn JetBrains TeamCity before 2022.04.6, 2022.10.5, 2023.05.5, 2023.11.5 an XSS could be executed via certain report grouping and filtering operations\n\n\n\n\ud83d\udea8 CVE-2024-36367\nIn JetBrains TeamCity before 2022.04.6, 2022.10.5, 2023.05.5, 2023.11.5 stored XSS via third-party reports was possible\n\n\n\n\ud83d\udea8 CVE-2024-36368\nIn JetBrains TeamCity before 2022.04.6, 2022.10.5, 2023.05.5, 2023.11.5 reflected XSS via OAuth provider configuration was possible\n\n\n\n\ud83d\udea8 CVE-2024-36369\nIn JetBrains TeamCity before 2022.04.6, 2022.10.5, 2023.05.5, 2023.11.5 stored XSS via issue tracker integration was possible\n\n\n\n\ud83d\udea8 CVE-2024-36370\nIn JetBrains TeamCity before 2022.04.6, 2022.10.5, 2023.05.5, 2023.11.5 stored XSS via OAuth connection settings was possible\n\n\n\ud83d\udea8 CVE-2024-36371\nIn JetBrains TeamCity before 2023.05.5, 2023.11.5 stored XSS in Commit status publisher was possible\n\n\n\ud83d\udea8 CVE-2024-36372\nIn JetBrains TeamCity before 2023.05.5 reflected XSS on the subscriptions page was possible\n\n\n\ud83d\udea8 CVE-2024-36373\nIn JetBrains TeamCity before 2024.03.2 several stored XSS in untrusted builds settings were possible", "creation_timestamp": "2024-05-29T18:53:28.000000Z"}, {"uuid": "39cbb092-fd8e-4b4d-a56d-308878c7fd66", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-36365", "type": "seen", "source": "https://t.me/DARK_SPOT_TEAM/581", "content": "\ud83d\udea8 CVE-2024-36362\nIn JetBrains TeamCity before 2022.04.6, 2022.10.5, 2023.05.5, 2023.11.5, 2024.03.2 path traversal allowing to read files from server was possible\n\n\ud83d\udea8 CVE-2024-36363\nIn JetBrains TeamCity before 2022.04.6, 2022.10.5, 2023.05.5, 2023.11.5 several Stored XSS in code inspection reports were possible\n\n\n\n\ud83d\udea8 CVE-2024-36364\nIn JetBrains TeamCity before 2022.04.6, 2022.10.5, 2023.05.5, 2023.11.5 improper access control in Pull Requests and Commit status publisher build features was possible\n\n\n\n\ud83d\udea8 CVE-2024-36365\nIn JetBrains TeamCity before 2022.04.6, 2022.10.5, 2023.05.5, 2023.11.5, 2024.03.2 a third-party agent could impersonate a cloud agent\n\n\n\n\ud83d\udea8 CVE-2024-36366\nIn JetBrains TeamCity before 2022.04.6, 2022.10.5, 2023.05.5, 2023.11.5 an XSS could be executed via certain report grouping and filtering operations\n\n\n\n\ud83d\udea8 CVE-2024-36367\nIn JetBrains TeamCity before 2022.04.6, 2022.10.5, 2023.05.5, 2023.11.5 stored XSS via third-party reports was possible\n\n\n\n\ud83d\udea8 CVE-2024-36368\nIn JetBrains TeamCity before 2022.04.6, 2022.10.5, 2023.05.5, 2023.11.5 reflected XSS via OAuth provider configuration was possible\n\n\n\n\ud83d\udea8 CVE-2024-36369\nIn JetBrains TeamCity before 2022.04.6, 2022.10.5, 2023.05.5, 2023.11.5 stored XSS via issue tracker integration was possible\n\n\n\n\ud83d\udea8 CVE-2024-36370\nIn JetBrains TeamCity before 2022.04.6, 2022.10.5, 2023.05.5, 2023.11.5 stored XSS via OAuth connection settings was possible\n\n\n\ud83d\udea8 CVE-2024-36371\nIn JetBrains TeamCity before 2023.05.5, 2023.11.5 stored XSS in Commit status publisher was possible\n\n\n\ud83d\udea8 CVE-2024-36372\nIn JetBrains TeamCity before 2023.05.5 reflected XSS on the subscriptions page was possible\n\n\n\ud83d\udea8 CVE-2024-36373\nIn JetBrains TeamCity before 2024.03.2 several stored XSS in untrusted builds settings were possible", "creation_timestamp": "2024-05-29T18:53:28.000000Z"}]}