HIGH 7.1

CVE-2026-49371: Reflected XSS in JetBrains TeamCity Keyword Filter

JetBrains TeamCity versions prior to 2026.1.1 contain a reflected cross-site scripting (XSS) vulnerability in the keyword filter feature. An attacker can craft a malicious URL containing unsanitized input that, when visited by a TeamCity user, executes arbitrary JavaScript in the victim's browser within the context of the TeamCity application. This allows session hijacking, credential theft, or unauthorized actions performed on behalf of the victim.

Source data · NVD / CISA · public domain

CVSS
3.1 · 7.1 HIGH · CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N
Weaknesses (CWE)
CWE-79
Affected products
1 configuration(s)
Published / Modified
2026-05-29 / 2026-06-17

NVD description (verbatim)

In JetBrains TeamCity before 2026.1.1 reflected XSS in the keyword filter was possible

1 reference(s) · View on NVD →

SEC.co analysis · AI-assisted, reviewed against source

Technical summary

The vulnerability is a reflected XSS flaw (CWE-79) present in TeamCity's keyword filter functionality. User-supplied input is reflected in the HTTP response without proper output encoding or content security policy protection. The attack vector is network-based with no authentication required, though user interaction (clicking a malicious link) is necessary. The CVSS 3.1 score of 7.1 (HIGH) reflects high confidentiality impact, low integrity impact, and no availability impact, indicating that while the attacker can read sensitive data, the primary concern is information disclosure rather than system compromise.

Business impact

Exploitation could lead to session theft, allowing attackers to impersonate authenticated TeamCity users and access build configurations, artifacts, credentials stored within TeamCity, and deployment pipelines. In organizations using TeamCity for CI/CD, compromised sessions enable supply chain attacks, unauthorized code deployment, or theft of build secrets and API tokens. The reputational and operational risk depends on what sensitive data and integration points are accessible through TeamCity in your environment.

Affected systems

JetBrains TeamCity versions before 2026.1.1 are affected. The vulnerability has not yet been designated as actively exploited in the wild (KEV status is false as of the publication date). Organizations running any TeamCity release prior to version 2026.1.1 should prioritize assessment and patching. Verify your installed version in the TeamCity Administration console under About page.

Exploitability

Exploitation requires no privileges or special network positioning—only that a victim click a crafted link. The barrier to exploitation is user interaction; however, phishing campaigns targeting development teams are common and effective. The reflected nature (not stored) limits blast radius per attack but makes it ideal for targeted social engineering. No active exploitation in the KEV catalog has been reported as of the vulnerability's publication.

Remediation

Upgrade JetBrains TeamCity to version 2026.1.1 or later. Verify the patch is applied by checking Administration > About and confirming the version number. For environments unable to patch immediately, apply input validation and output encoding at the application level if possible, and enforce Content-Security-Policy headers to limit XSS impact. Consider restricting TeamCity access to VPN or internal networks only to reduce attack surface.

Patch guidance

Consult the JetBrains TeamCity release notes for version 2026.1.1 and verify against the official vendor advisory for detailed upgrade instructions specific to your deployment type (On-Premises, Cloud, or Docker). Test the upgrade in a non-production environment first to ensure compatibility with plugins and integrations. If you operate a cloud instance, check whether JetBrains has already applied patches automatically.

Detection guidance

Monitor TeamCity logs for unusual keyword filter parameters containing script tags, event handlers (onclick, onerror), or URL-encoded JavaScript. Look for requests with payloads like %3Cscript%3E or javascript: in query parameters. Implement web application firewalls (WAF) rules to detect and block XSS payloads targeting the keyword filter endpoint. Review browser console logs on user workstations for unexpected JavaScript execution within TeamCity sessions. Security event logs should capture any anomalous build configuration changes or credential access shortly after potential XSS exploitation.

Why prioritize this

Although not yet actively exploited, this vulnerability merits prompt patching because: (1) it requires no authentication and only user interaction—a low barrier to weaponization; (2) TeamCity is frequently the central hub of CI/CD infrastructure, making it a high-value target; (3) successful exploitation grants indirect access to build artifacts, secrets, and downstream systems; (4) phishing is a mature attack vector and development teams are often targeted. The HIGH CVSS score and confidentiality impact warrant prioritization within 30 days.

Risk score, explained

The CVSS 3.1 score of 7.1 reflects: Attack Vector Network (0.85), Attack Complexity Low (0.77), no Privileges Required (0.85), User Interaction Required (0.62), no Scope change (1.0), high Confidentiality (0.56), low Integrity (0.22), no Availability impact (0.0). The score is elevated by the network reachability and lack of authentication; it is tempered by the requirement for user interaction and limited integrity impact. In the context of TeamCity's role as a build and deployment hub, the confidentiality impact (access to build secrets, configs) increases business risk beyond the base score.

Frequently asked questions

Do we need to patch immediately if TeamCity is only accessible on an internal network?

While network isolation reduces exposure, phishing and insider threats remain vectors. Reflected XSS in a CI/CD tool can still lead to lateral movement or privilege escalation. Patch within 30 days; do not rely on network isolation alone as a long-term mitigation.

Will upgrading TeamCity 2026.1.1 break our existing plugins or integrations?

Consult the JetBrains compatibility matrix and your plugin vendor documentation before upgrading. Test in a staging environment first. Most plugins remain compatible across patch versions, but custom plugins may require validation.

Can we use a WAF to block this vulnerability without patching?

A WAF can mitigate by blocking malicious keyword filter payloads, but this is not a substitute for patching. WAF rules may create false positives and require ongoing tuning. Patching is the definitive remediation.

Is this vulnerability exploited in ransomware campaigns?

As of the current KEV status, this vulnerability is not listed as actively exploited in ransomware campaigns. However, its role in CI/CD pipeline compromise makes it a potential stepping stone for supply chain attacks. Do not wait for public exploitation reports to patch.

This analysis is provided for informational purposes and based on vendor disclosures as of the publication date. No warranty is made regarding completeness or accuracy. Organizations should verify patch applicability and compatibility against their specific TeamCity versions and deployments. This explainer does not constitute professional security advice; consult with your security team and JetBrains support for environment-specific guidance. Exploit availability and active deployment may change; refer to JetBrains security advisories and KEV catalog updates for current threat intelligence. Source: NVD (public-domain), retrieved 2026-07-08. Analysis generated by SEC.co (claude-haiku-4-5).