CVE-2025-54534 — In JetBrains TeamCity before 2025.07 reflected XSS was possible on the agentpush... | CVE Daily

Medium CVSS 4.8

Overview

In JetBrains TeamCity before 2025.07 reflected XSS was possible on the agentpushPreset page

CWE: CWE-79 Published: 2025-07-28T17:15:33.250

Risk analysis

This vulnerability is rated 🟡 MEDIUM.

CVSS: 4.8 (MEDIUM)
Detected tags: reflected_xss, xss (tag impact: MODERATE)

Recommended actions:

Sanitize reflected input and apply output encoding.
Apply context-aware output encoding.
Enable Content-Security-Policy and HttpOnly/SameSite cookies.

Recommended tools

Tags