Every CVE whose affected-product data names Intland Codebeamer, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (8)
CVE-2020-26516 — CVSS 8.8 (high): A CSRF issue was discovered in Intland codeBeamer ALM 10.x through 10.1.SP4. Requests sent to the server that trigger actions do not…
CVE-2023-4296 — CVSS 8.8 (high): If an attacker tricks an admin user of PTC Codebeamer into clicking on a malicious link, it may allow the attacker to inject arbitrary…
CVE-2020-26515 — CVSS 7.5 (high): An insufficiently protected credentials issue was discovered in Intland codeBeamer ALM 10.x through 10.1.SP4. The remember-me cookie…
CVE-2019-20635 — CVSS 6.1 (medium): codeBeamer before 9.5.0-RC3 does not properly restrict the ability to execute custom Java code and access the Java class loader via…
CVE-2020-26513 — CVSS 5.5 (medium): An issue was discovered in Intland codeBeamer ALM 10.x through 10.1.SP4. The ReqIF XML data, used by the codebeamer ALM application to…
CVE-2019-19912 — CVSS 4.8 (medium): In Intland codeBeamer ALM 9.5 and earlier, a cross-site scripting (XSS) vulnerability in the Upload Flash File feature allows authenticated…
CVE-2020-26517 — CVSS 4.8 (medium): A cross-site scripting (XSS) issue was discovered in Intland codeBeamer ALM 10.x through 10.1.SP4. It is possible to perform XSS attacks…