Update GobyVuls-Document.md

GobyVuls-Document.md

@@ -1,7 +1,22 @@
 # Goby History Update Vulnerability Total Document (Continuously Update) 
 The following content is an updated vulnerability from Goby. Some of the vulnerabilities are recorded on the screen for easy viewing.
 
-**Updated document date: October 12, 2023** 
+**Updated document date: October 13, 2023** 
+
+## JetBrains TeamCity remote command execution vulnerability (CVE-2023-42793)
+
+|   **Vulnerability**  | 	JetBrains TeamCity remote command execution vulnerability (CVE-2023-42793)  |
+| :----:   | :-----|
+|  **Chinese name**  | 	JetBrains TeamCity 远程命令执行漏洞（CVE-2023-42793） |
+| **CVSS core**  | 	9.8 |
+| **FOFA Query**  (click to view the results directly)| [app="JET_BRAINS-TeamCity"](https://en.fofa.info/result?qbase64=aGVhZGVyPSJUZWFtY2l0eSIgfHwgYmFubmVyPSJUZWFtY2l0eSIgfHwgdGl0bGU9IlRlYW1DaXR5IiB8fCBib2R5PSJjb250ZW50PVwiVGVhbUNpdHkgKExvZyBpbiB0byBUZWFtQ2l0eSI%3D)|
+| **Number of assets affected**  | 26963 |
+| **Description**  | 	JetBrains TeamCity is a general CI/CD software platform developed by JetBrains.JetBrains TeamCity can obtain the valid token of the corresponding id user by accessing the /app/rest/users/{{id}}/tokens/RPC2 endpoint. Accessing the restricted endpoint with the admin token will cause remote command execution or the creation of a background administrator user. |
+| **Impact** | 	JetBrains TeamCity can obtain the valid token of the corresponding id user by accessing the /app/rest/users/{{id}}/tokens/RPC2 endpoint. Accessing the restricted endpoint with the admin token will cause remote command execution or the creation of a background administrator user. |
+
+![](https://s3.bmp.ovh/imgs/2023/10/13/d46d67aca09ab4ae.gif)
+
+
 
 ## JeeSpringCloud uploadFile.jsp file upload vulnerability