exploitDog

GHSA-28cv-g234-w9cx

Опубликовано: 11 апр. 2023

Источник: github

Github: Не прошло ревью

CVSS3: 5.3

Описание

A vulnerability has been identified in Polarion ALM (All versions < V2304.0). The application contains a XML External Entity Injection (XXE) vulnerability. This could allow an attacker to view files on the application server filesystem.

A vulnerability has been identified in Polarion ALM (All versions < V2304.0). The application contains a XML External Entity Injection (XXE) vulnerability. This could allow an attacker to view files on the application server filesystem.

Ссылки

EPSS

Процентиль: 36%

0.00147

Низкий

5.3 Medium

CVSS3

CVE ID

Дефекты

CWE-611

Связанные уязвимости

CVE-2023-28828

CVSS3: 5.9

nvd

больше 2 лет назад

A vulnerability has been identified in Polarion ALM (All versions < V22R2). The application contains a XML External Entity Injection (XXE) vulnerability. This could allow an attacker to view files on the application server filesystem.

EPSS

Процентиль: 36%

0.00147

Низкий

5.3 Medium

CVSS3

CVE ID

Дефекты

CWE-611