Vulnerabilities > Intland

DATE CVE VULNERABILITY TITLE RISK
2023-08-29 CVE-2023-4296 Unspecified vulnerability in Intland Codebeamer 21.09.0/22.04.0/22.10.0
?If an attacker tricks an admin user of PTC Codebeamer into clicking on a malicious link, it may allow the attacker to inject arbitrary code to be executed in the browser on the target device.
network
low complexity
intland
6.1
2021-06-08 CVE-2020-26515 Insufficiently Protected Credentials vulnerability in Intland Codebeamer 10.0.0/10.0.1/10.1.0
An insufficiently protected credentials issue was discovered in Intland codeBeamer ALM 10.x through 10.1.SP4.
network
low complexity
intland CWE-522
7.5
2021-06-08 CVE-2020-26516 Cross-Site Request Forgery (CSRF) vulnerability in Intland Codebeamer
A CSRF issue was discovered in Intland codeBeamer ALM 10.x through 10.1.SP4.
network
low complexity
intland CWE-352
8.8
2021-06-08 CVE-2020-26517 Cross-site Scripting vulnerability in Intland Codebeamer
A cross-site scripting (XSS) issue was discovered in Intland codeBeamer ALM 10.x through 10.1.SP4.
network
low complexity
intland CWE-79
4.8
2020-12-07 CVE-2020-26513 XXE vulnerability in Intland Codebeamer 10.0.0/10.0.1/10.1.0
An issue was discovered in Intland codeBeamer ALM 10.x through 10.1.SP4.
local
low complexity
intland CWE-611
5.5
2020-04-02 CVE-2019-20635 Unsafe Reflection vulnerability in Intland Codebeamer
codeBeamer before 9.5.0-RC3 does not properly restrict the ability to execute custom Java code and access the Java class loader via computed fields.
network
low complexity
intland CWE-470
6.1
2020-03-30 CVE-2019-19913 Cross-site Scripting vulnerability in Intland Codebeamer
In Intland codeBeamer ALM 9.5 and earlier, there is stored XSS via the Trackers Title parameter.
network
low complexity
intland CWE-79
4.8
2020-03-30 CVE-2019-19912 Cross-site Scripting vulnerability in Intland Codebeamer
In Intland codeBeamer ALM 9.5 and earlier, a cross-site scripting (XSS) vulnerability in the Upload Flash File feature allows authenticated remote attackers to inject arbitrary scripts via an active script embedded in an SWF file.
network
low complexity
intland CWE-79
4.8