Low
CVSS 3.7
Overview
In JetBrains TeamCity before 2025.07 a CSRF was possible in external OAuth login integration
CVE-2025-54529
In JetBrains TeamCity before 2025.07 a CSRF was possible in external OAuth login...
Risk analysis
This vulnerability is rated 🟢 LOW.
- CVSS: 3.7 (LOW)
- Detected tags: csrf (tag impact: MODERATE)
Recommended actions:
- CSRF tokens, SameSite=Strict for cookies, validate Origin/Referer.