Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
intland codebeamer vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2020-26516
A CSRF issue exists in Intland codeBeamer ALM 10.x up to and including 10.1.SP4. Requests sent to the server that trigger actions do not contain a CSRF token and can therefore be entirely predicted allowing malicious users to cause the victim's browser to execute undesired a...
Intland Codebeamer 10.1.0
Intland Codebeamer 10.0.0
Intland Codebeamer 10.0.1
Intland Codebeamer 21.04
4.8
CVSSv3
CVE-2020-26517
A cross-site scripting (XSS) issue exists in Intland codeBeamer ALM 10.x up to and including 10.1.SP4. It is possible to perform XSS attacks through using the WebDAV functionality to upload files to a project (Authn users), using the users import functionality (Admin only), and c...
Intland Codebeamer 10.1.0
Intland Codebeamer 10.0.0
Intland Codebeamer 10.0.1
Intland Codebeamer 21.04
6.1
CVSSv3
CVE-2023-4296
?If an attacker tricks an admin user of PTC Codebeamer into clicking on a malicious link, it may allow the malicious user to inject arbitrary code to be executed in the browser on the target device.
Intland Codebeamer 21.09.0
Intland Codebeamer 22.04.0
Intland Codebeamer 22.10.0
6.1
CVSSv3
CVE-2019-20635
codeBeamer prior to 9.5.0-RC3 does not properly restrict the ability to execute custom Java code and access the Java class loader via computed fields.
Intland Codebeamer
Intland Codebeamer 9.5.0
5.5
CVSSv3
CVE-2020-26513
An issue exists in Intland codeBeamer ALM 10.x up to and including 10.1.SP4. The ReqIF XML data, used by the codebeamer ALM application to import projects, is parsed by insecurely configured software components, which can be abused for XML External Entity Attacks.
Intland Codebeamer 10.1.0
Intland Codebeamer
7.5
CVSSv3
CVE-2020-26515
An insufficiently protected credentials issue exists in Intland codeBeamer ALM 10.x up to and including 10.1.SP4. The remember-me cookie (CB_LOGIN) issued by the application contains the encrypted user's credentials. However, due to a bug in the application code, those crede...
Intland Codebeamer 10.1.0
Intland Codebeamer
4.8
CVSSv3
CVE-2019-19912
In Intland codeBeamer ALM 9.5 and previous versions, a cross-site scripting (XSS) vulnerability in the Upload Flash File feature allows authenticated remote malicious users to inject arbitrary scripts via an active script embedded in an SWF file.
Intland Codebeamer
4.8
CVSSv3
CVE-2019-19913
In Intland codeBeamer ALM 9.5 and previous versions, there is stored XSS via the Trackers Title parameter.
Intland Codebeamer
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32976
CVE-2024-33557
CVE-2024-36801
CVE-2024-35654
authentication bypass
CVE-2024-24919
CSRF
code execution
CVE-2024-27348
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started