CNNVD-202507-3541 Information
CNNVD ID
CNNVD-202507-3541
Related CVE
- CNNVD Published: 2025-07-28
Description (Chinese)
JetBrains TeamCity是捷克JetBrains公司的一套分布式构建管理和持续集成工具。该工具提供持续单元测试、代码质量分析和构建问题分析报告等功能。 JetBrains TeamCity 2025.07之前版本存在跨站请求伪造漏洞,该漏洞源于GraphQL端点容易受到跨站请求伪造攻击。
Description (English)
Jetbrains TeamCity is a distributed set of building management and continuous integration tools for Czech Jetbrains. The tool provides continuous modular testing, code quality analysis and construction analysis. The pre-Jetbrains TeamCity 2025.07 version contains a forgery gap in cross-site requests, which stems from the vulnerability of the GraphQL endpoint to cross-site requests for forgery attacks.
Hazard Level
High
Vulnerability Type
跨站请求伪造
Affected Vendor
JetBrains
Published
2025-07-28
Last Modified
2026-02-24
References
https://www.jetbrains.com/privacy-security/issues-fixed/ https://access.redhat.com/security/cve/cve-2025-54536
Patch
https://www.jetbrains.com/privacy-security/issues-fixed/
Share on: