CVE-2019-12157

In JetBrains TeamCity versions before 2018.2.5 and UpSource versions before 2018.2 build 1293, improper validation of user input for one of the fields could lead to Command Injection.
Source: NIST
CVE-2019-12157