22.10.0

CVSS 6.1 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

LOW

Integrity impact

LOW

Availability impact

NONE

network

low complexity

intland

NVD

Published: 2023-08-29

Updated: 2024-11-21

Summary

?If an attacker tricks an admin user of PTC Codebeamer into clicking on a malicious link, it may allow the attacker to inject arbitrary code to be executed in the browser on the target device.

Vulnerable Configurations

Part	Description	Count
Application	Intland Intland Codebeamer 21.09.0 Intland Codebeamer 22.04.0 Intland Codebeamer 22.10.0	29

References

http://packetstormsecurity.com/files/174703/PTC-Codebeamer-Cross-Site-Scripting.html
http://packetstormsecurity.com/files/174703/PTC-Codebeamer-Cross-Site-Scripting.html
http://seclists.org/fulldisclosure/2023/Sep/10
http://seclists.org/fulldisclosure/2023/Sep/10
https://codebeamer.com/cb/wiki/31346480
https://codebeamer.com/cb/wiki/31346480
https://www.cisa.gov/news-events/ics-advisories/icsa-23-241-01
https://www.cisa.gov/news-events/ics-advisories/icsa-23-241-01