Vulnerabilities > CVE-2023-28828 - XXE vulnerability in Siemens Polarion ALM
Attack vector
NETWORK Attack complexity
HIGH Privileges required
NONE Confidentiality impact
HIGH Integrity impact
NONE Availability impact
NONE Summary
A vulnerability has been identified in Polarion ALM (All versions < V22R2). The application contains a XML External Entity Injection (XXE) vulnerability. This could allow an attacker to view files on the application server filesystem.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |