Vulnerabilities > Intland
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-08-29 | CVE-2023-4296 | Cross-site Scripting vulnerability in Intland Codebeamer 21.09.0/22.04.0/22.10.0 ?If an attacker tricks an admin user of PTC Codebeamer into clicking on a malicious link, it may allow the attacker to inject arbitrary code to be executed in the browser on the target device. | 6.1 |
| 2021-06-08 | CVE-2020-26515 | Insufficiently Protected Credentials vulnerability in Intland Codebeamer 10.0.0/10.0.1/10.1.0 An insufficiently protected credentials issue was discovered in Intland codeBeamer ALM 10.x through 10.1.SP4. | 7.5 |
| 2021-06-08 | CVE-2020-26516 | Cross-Site Request Forgery (CSRF) vulnerability in Intland Codebeamer A CSRF issue was discovered in Intland codeBeamer ALM 10.x through 10.1.SP4. | 8.8 |
| 2021-06-08 | CVE-2020-26517 | Cross-site Scripting vulnerability in Intland Codebeamer A cross-site scripting (XSS) issue was discovered in Intland codeBeamer ALM 10.x through 10.1.SP4. | 4.8 |
| 2020-12-07 | CVE-2020-26513 | XXE vulnerability in Intland Codebeamer 10.0.0/10.0.1/10.1.0 An issue was discovered in Intland codeBeamer ALM 10.x through 10.1.SP4. | 5.5 |
| 2020-04-02 | CVE-2019-20635 | Unsafe Reflection vulnerability in Intland Codebeamer codeBeamer before 9.5.0-RC3 does not properly restrict the ability to execute custom Java code and access the Java class loader via computed fields. | 4.3 |
| 2020-03-30 | CVE-2019-19913 | Cross-site Scripting vulnerability in Intland Codebeamer In Intland codeBeamer ALM 9.5 and earlier, there is stored XSS via the Trackers Title parameter. | 4.8 |
| 2020-03-30 | CVE-2019-19912 | Cross-site Scripting vulnerability in Intland Codebeamer In Intland codeBeamer ALM 9.5 and earlier, a cross-site scripting (XSS) vulnerability in the Upload Flash File feature allows authenticated remote attackers to inject arbitrary scripts via an active script embedded in an SWF file. | 4.8 |