CVE-2025-52876 – JetBrains TeamCity Reflected Cross-Site Scripting Vulnerability

June 23, 2025

CVE ID : CVE-2025-52876

Published : June 23, 2025, 3:15 p.m. | 3 hours, 9 minutes ago

Description : In JetBrains TeamCity before 2025.03.3 reflected XSS on the favoriteIcon page was possible

Severity: 5.4 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-52877 – JetBrains TeamCity Reflected XSS Vulnerability

Next Article CVE-2025-52875 – JetBrains TeamCity DOM-Based XSS

Highlights

CVE-2025-50200 – RabbitMQ Basic Authentication Header Logging Vulnerability

June 19, 2025

CVE ID : CVE-2025-50200

Published : June 19, 2025, 5:15 p.m. | 41 minutes ago

Description : RabbitMQ is a messaging and streaming broker. In versions 3.13.7 and prior, RabbitMQ is logging authorization headers in plaintext encoded in base64. When querying RabbitMQ api with HTTP/s with basic authentication it creates logs with all headers in request, including authorization headers which show base64 encoded username:password. This is easy to decode and afterwards could be used to obtain control to the system depending on credentials. This issue has been patched in version 4.0.8.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

The Power Of The Intl API: A Definitive Guide To Browser-Native Internationalization

This week in AI dev tools: GPT-5, Claude Opus 4.1, and more (August 8, 2025)

Elastic simplifies log analytics for SREs and developers with launch of Log Essentials

OpenAI launches GPT-5

I compared the best headphones from Apple, Sony, Bose, and Sonos: Here’s how the AirPods Max wins

I changed these 6 settings on my iPad to significantly improve its battery life

DistroWatch Weekly, Issue 1134

3 portable power stations I travel everywhere with (and how they differ)

Next.js PWA offline capability with Service Worker, no extra package

Next.js PWA offline capability with Service Worker, no extra package

spatie/laravel-flare

Establishing Consistent Data Foundations with Laravel’s Database Population System

Windows 11 Copilot gets free access to GPT-5 Thinking, reduced rate limits than ChatGPT Free

Windows 11 Copilot gets free access to GPT-5 Thinking, reduced rate limits than ChatGPT Free

Best Architecture AI Rendering Platform: 6 Tools Tested

Microsoft won’t kill off Chromium Edge and PWAs on Windows 10 until October 2028

CVE-2025-52876 – JetBrains TeamCity Reflected Cross-Site Scripting Vulnerability

Researchers Reveal ReVault Attack Targeting Dell ControlVault3 Firmware in 100+ Laptop Models

Researchers Detail Windows EPM Poisoning Exploit Chain Leading to Domain Privilege Escalation

Nintendo’s Switch 2 hits 3.5 million sales in just four days

CVE-2025-28983 – Click & Pledge Connect SQL Injection Privilege Escalation

Lenovo’s new 16-inch Yoga 7i doesn’t get the “2-in-1” part quite right, but there are some redeeming qualities here

The Next-Gen AIOps Doctor Is In: Diagnosing Mainframe Issues Quickly and Intelligently

CVE-2025-50200 – RabbitMQ Basic Authentication Header Logging Vulnerability

How Breaches Start: Breaking Down 5 Real Vulns

Thanks to Sabrina Carpenter, for the first time in my life — I want to play Fortnite

CVE-2025-4546 – A vulnerability was found in 1Panel-dev MaxKB up t

CVE-2025-52876 – JetBrains TeamCity Reflected Cross-Site Scripting Vulnerability

Related Posts