| Title | Published | Views | Family |
|---|---|---|---|
| CVE-2019-19912 | 31 Mar 2020 03:17 | – | circl |
| CVE-2019-19913 | 31 Mar 2020 03:17 | – | circl |
| Intland Software codeBeamer Cross-Site Scripting Vulnerability | 30 Mar 2020 00:00 | – | cnvd |
| Intland Software codeBeamer cross-site scripting vulnerability (CNVD-2020-20428) | 30 Mar 2020 00:00 | – | cnvd |
| CVE-2019-19912 | 30 Mar 2020 21:28 | – | cve |
| CVE-2019-19913 | 30 Mar 2020 21:26 | – | cve |
| CVE-2019-19912 | 30 Mar 2020 21:28 | – | cvelist |
| CVE-2019-19913 | 30 Mar 2020 21:26 | – | cvelist |
| EUVD-2019-9503 | 7 Oct 2025 00:30 | – | euvd |
| EUVD-2019-9504 | 7 Oct 2025 00:30 | – | euvd |
Packet Storm Security note - Finding one of two:
codeBeamer – Stored Cross-Site Scripting
===============================================================================
Identifiers
-------------------------------------------------
* CVE-2019-19912
CVSSv3 score
-------------------------------------------------
6.4 (AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:H/A:H)
Vendor
-------------------------------------------------
Intland – Codebeamer (https://codebeamer.com)
Product
-------------------------------------------------
codeBeamer ALM is a holistically integrated, collaborative Application Lifecycle Management platform with capabilities that cover your entire product development lifecycle.
Affected versions
-------------------------------------------------
- codebeamer 9.5 and below
Credit
-------------------------------------------------
Georg Ph E Heise (@gpheheise) / Lufthansa Industry Solutions (@LHIND_DLH)
Vulnerability summary
-------------------------------------------------
Intland Software codeBeamer has a stored XSS vulnerability in the file attachment section.
Technical details
------------------------------------------------
The upload section accepts a maliciously crafted SWF file.
Proof of concept
-------------------------------------------------
To exploit this vulnerability, a standard malformed SWF file like the ones available on GitHub is used:
* https://github.com/swisskyrepo/PayloadsAllTheThings/tree/master/XSS%20Injection
Solution
-------------------------------------------------
Contact vendor for a solution
Timeline
-------------------------------------------------
Date | Status
------------|-----------------------------
20-DEC-2019 | Reported to vendor
03-JAN-2020 | Acknowledged by vendor
09-MAR-2020 | Patch available
26-MAR-2020 | Public disclosure
===============================================================================
Packet Storm Security note - Finding two of two:
codeBeamer – Stored Cross-Site Scripting
===============================================================================
Identifiers
-------------------------------------------------
* CVE-2019-19913
CVSSv3 score
-------------------------------------------------
6.4 ([AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:H/A:H](https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?vector=AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:H/A:H&version=3.1))
Vendor
-------------------------------------------------
Intland – Codebeamer (https://codebeamer.com)
Product
-------------------------------------------------
codeBeamer ALM is a holistically integrated, collaborative Application Lifecycle Management platform with capabilities that cover your entire product development lifecycle.
Affected versions
-------------------------------------------------
- codebeamer 9.5 and below
Credit
-------------------------------------------------
Georg Ph E Heise (@gpheheise) / Lufthansa Industry Solutions (@LHIND_DLH)
Vulnerability summary
-------------------------------------------------
Intland Software codeBeamer 9.5 ALM has a stored XSS vulnerability in the Tracker Title parameter.
Technical details
------------------------------------------------
The Tracker Heading is vulnerable to a stored cross-site scripting (XSS) attack.
An attacker has to create or modify a Tracker Heading containing the XSS payload to exploit any project user who is viewing the Tracker or the Tracker notes.
Proof of concept
-------------------------------------------------
The following evidence is provided to illustrate the existence and exploitation:
Create a release with a heading similar to this:
<script> alert('hacked')</script>
Solution
-------------------------------------------------
Contact vendor for a solution
Timeline
-------------------------------------------------
Date | Status
------------|-----------------------------
20-DEC-2019 | Reported to vendor
03-JAN-2020 | Acknowledged by vendor
09-MAR-2020 | Patch available
26-MAR-2020 | Public disclosure
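A defensive illustration of both findings, added here and not part of the advisory or of codeBeamer's own code: the tracker heading is rendered with HTML escaping, and uploaded attachments are content-sniffed for the SWF magic bytes and, when stored, served as downloads with nosniff. All function names and the sample inputs are assumptions.

```python
import html
import re

# Magic bytes that start uncompressed, zlib-compressed and LZMA-compressed
# SWF files (FWS / CWS / ZWS); this is a property of the SWF format, not
# something the advisory states.
SWF_MAGICS = (b"FWS", b"CWS", b"ZWS")


def is_swf(data: bytes) -> bool:
    """Sniff the upload body itself, ignoring the client-supplied extension
    and Content-Type, both of which the uploader controls."""
    return data[:3] in SWF_MAGICS


def classify_attachment(filename: str, data: bytes) -> str:
    """Upload policy for the attachment section: reject anything that is a
    SWF by content or by extension, accept everything else for storage."""
    if is_swf(data) or filename.lower().endswith(".swf"):
        return "reject"
    return "accept"


def download_headers(filename: str) -> dict:
    """Headers for serving a stored attachment so the browser downloads it
    instead of rendering or executing it inside the application's origin."""
    # Replace characters that could break the header or inject a second one.
    safe_name = re.sub(r"[^\w.\-]", "_", filename)
    return {
        "Content-Type": "application/octet-stream",
        "Content-Disposition": f'attachment; filename="{safe_name}"',
        "X-Content-Type-Options": "nosniff",
    }


def render_tracker_heading(heading: str) -> str:
    """Render a user-controlled tracker heading: html.escape turns <, >, &
    and quotes into entities so the text is displayed, never executed."""
    return f"<h1>{html.escape(heading, quote=True)}</h1>"


if __name__ == "__main__":
    # Constructed sample inputs modelled on the two findings.
    print(classify_attachment("demo.png", b"CWS\x0a" + b"\x00" * 16))  # reject
    print(render_tracker_heading("<script> alert('hacked')</script>"))
```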