Vulnerability Details CVE-2019-19912
In Intland codeBeamer ALM 9.5 and earlier, a cross-site scripting (XSS) vulnerability in the Upload Flash File feature allows authenticated remote attackers to inject arbitrary scripts via an active script embedded in an SWF file.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 48.5%
CVSS Severity
CVSS v3 Score 4.8
CVSS v2 Score 3.5
References
Products affected by CVE-2019-19912
-
cpe:2.3:a:intland:codebeamer:-
-
cpe:2.3:a:intland:codebeamer:8.2.0
-
cpe:2.3:a:intland:codebeamer:8.2.0.1
-
cpe:2.3:a:intland:codebeamer:8.2.1
-
cpe:2.3:a:intland:codebeamer:9.0.0
-
cpe:2.3:a:intland:codebeamer:9.0.1
-
cpe:2.3:a:intland:codebeamer:9.0.2
-
cpe:2.3:a:intland:codebeamer:9.1.0
-
cpe:2.3:a:intland:codebeamer:9.2.0
-
cpe:2.3:a:intland:codebeamer:9.3.0
-
cpe:2.3:a:intland:codebeamer:9.4.0