Vulnerabilities > CVE-2023-28828 - XXE vulnerability in Siemens Polarion ALM 21.0
Attack vector
NETWORK Attack complexity
HIGH Privileges required
NONE Confidentiality impact
HIGH Integrity impact
NONE Availability impact
NONE Summary
A vulnerability has been identified in Polarion ALM (All versions < V22R2). The application contains a XML External Entity Injection (XXE) vulnerability. This could allow an attacker to view files on the application server filesystem.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 4 |