Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
intland vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2020-26516
A CSRF issue exists in Intland codeBeamer ALM 10.x up to and including 10.1.SP4. Requests sent to the server that trigger actions do not contain a CSRF token and can therefore be entirely predicted allowing malicious users to cause the victim's browser to execute undesired a...
Intland Codebeamer 10.1.0
Intland Codebeamer 10.0.0
Intland Codebeamer 10.0.1
Intland Codebeamer 21.04
4.8
CVSSv3
CVE-2020-26517
A cross-site scripting (XSS) issue exists in Intland codeBeamer ALM 10.x up to and including 10.1.SP4. It is possible to perform XSS attacks through using the WebDAV functionality to upload files to a project (Authn users), using the users import functionality (Admin only), and c...
Intland Codebeamer 10.1.0
Intland Codebeamer 10.0.0
Intland Codebeamer 10.0.1
Intland Codebeamer 21.04
6.1
CVSSv3
CVE-2023-4296
?If an attacker tricks an admin user of PTC Codebeamer into clicking on a malicious link, it may allow the malicious user to inject arbitrary code to be executed in the browser on the target device.
Intland Codebeamer 21.09.0
Intland Codebeamer 22.04.0
Intland Codebeamer 22.10.0
6.1
CVSSv3
CVE-2019-20635
codeBeamer prior to 9.5.0-RC3 does not properly restrict the ability to execute custom Java code and access the Java class loader via computed fields.
Intland Codebeamer
Intland Codebeamer 9.5.0
5.5
CVSSv3
CVE-2020-26513
An issue exists in Intland codeBeamer ALM 10.x up to and including 10.1.SP4. The ReqIF XML data, used by the codebeamer ALM application to import projects, is parsed by insecurely configured software components, which can be abused for XML External Entity Attacks.
Intland Codebeamer 10.1.0
Intland Codebeamer
7.5
CVSSv3
CVE-2020-26515
An insufficiently protected credentials issue exists in Intland codeBeamer ALM 10.x up to and including 10.1.SP4. The remember-me cookie (CB_LOGIN) issued by the application contains the encrypted user's credentials. However, due to a bug in the application code, those crede...
Intland Codebeamer 10.1.0
Intland Codebeamer
4.8
CVSSv3
CVE-2019-19913
In Intland codeBeamer ALM 9.5 and previous versions, there is stored XSS via the Trackers Title parameter.
Intland Codebeamer
4.8
CVSSv3
CVE-2019-19912
In Intland codeBeamer ALM 9.5 and previous versions, a cross-site scripting (XSS) vulnerability in the Upload Flash File feature allows authenticated remote malicious users to inject arbitrary scripts via an active script embedded in an SWF file.
Intland Codebeamer
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48654
CVE-2024-2757
authentication bypass
CVE-2024-3194
CVE-2024-33640
CVE-2024-21111
dos
insecure direct object reference
CVE-2024-21345
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started