Article - CS416309

Security Vulnerability identified in Codebeamer – Reflected XSS

Modified: 07-May-2024   


Applies To

  • Codebeamer 2.0.0.0 to 2.0.0.3
  • Codebeamer 22.10 to 22.10 SP9
  • Codebeamer 2.1.0.0

Description

  • CVSS 3.1 Sore: 7.1
  • CVSS 3.1 Vector String: /AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
  • CWE: CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting').
  • Note that PTC has no indication nor has been made aware that this vulnerability has or is being exploited.
This is a printer-friendly version of Article 416309 and may be out of date. For the latest version click CS416309