cvedb.io
CVE-2023-28828
MEDIUM · CVSS 5.9
EPSS exploitation probability: 0%
Published 2023-04-11T10:15:18.393 · Last modified 2026-06-17T05:48:51.360

Summary

A vulnerability has been identified in Polarion ALM (All versions < V22R2). The application contains a XML External Entity Injection (XXE) vulnerability. This could allow an attacker to view files on the application server filesystem.

Affected products

siemens — polarion_alm

Does this affect you?

Add your gear to cvedb and we'll alert you only when siemens ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.