In JetBrains TeamCity before 2023.11.4 path traversal allowing to perform limited admin actions was possible
View the template here CVE-2024-27199.yaml
References:
https://www.rapid7.com/blog/post/2024/03/04/etr-cve-2024-27198-and-cve-2024-27199-jetbrains-teamcity-multiple-authentication-bypass-vulnerabilities-fixed/