3 matches found
CVE-2023-28828
A vulnerability has been identified in Polarion ALM All versions V22R2. The application contains a XML External Entity Injection XXE vulnerability. This could allow an attacker to view files on the application server filesystem...
CVE-2023-28828
A vulnerability has been identified in Polarion ALM All versions V22R2. The application contains a XML External Entity Injection XXE vulnerability. This could allow an attacker to view files on the application server filesystem...
CVE-2023-28828
CVE-2023-28828 is an XXE vulnerability in Polarion ALM affecting all versions prior to V22R2 (and referenced in related advisories for V2304.0). The root cause is improper restriction of XML External Entity references, enabling an attacker to view files on the application server filesystem. Impac...