Cross-Site Scripting (XSS) Vulnerability in Intland codeBeamer ALM 9.5 and Earlier: Upload Flash File Feature
CVE-2019-19912 · MEDIUM Severity
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
In Intland codeBeamer ALM 9.5 and earlier, a cross-site scripting (XSS) vulnerability in the Upload Flash File feature allows authenticated remote attackers to inject arbitrary scripts via an active script embedded in an SWF file.
Learn more about our Web Application Penetration Testing UK.