Vulnerability CVE-2023-28828
Published: 2023-04-11

Description:
A vulnerability has been identified in Polarion ALM (All versions < V2304.0). The application contains a XML External Entity Injection (XXE) vulnerability. This could allow an attacker to view files on the application server filesystem.

Type:

CWE-611

 (Information Exposure Through XML External Entity Reference)

 References:
https://cert-portal.siemens.com/productcert/pdf/ssa-632164.pdf
Copyright 2026, cxsecurity.com

 

Back to Top