SSA-562051 V1.0: Cross-Site Scripting Vulnerability in Polarion ALM

March 8, 2022, midnight |

Siemens ProductCERT Security Advisories cert-portal.siemens.com

An attacker could trigger malicious actions via a cross-site scripting vulnerability by sending crafted links to an administrator user of Polarion ALM.

Siemens has released an update for the Polarion Subversion Webclient and recommends to update to the latest version.

actions administrator attacker cross-site latest links malicious scripting siemens ssa subversion trigger update version vulnerability

Visit resource

More from cert-portal.siemens.com / Siemens ProductCERT Security Advisories

SSA-923361 V1.0: MODEL File Parsing Vulnerability in Tecnomatix Plant Simulation before V2302.0011 1 week ago | cert-portal.siemens.com

application arbitrary code arbitrary code execution code +9

SSA-871704 V1.0: Multiple Vulnerabilities in SICAM Products 1 week ago | cert-portal.siemens.com

code code execution device escalation +14

SSA-925850 V1.0: Improper Access Control in Polarion ALM 1 week ago | cert-portal.siemens.com

access access control access controls apache +11

SSA-976324 V1.0: Multiple IGS File Parsing Vulnerabilities in PS/IGES Parasolid Translator Component before V27.1.215 1 week ago | cert-portal.siemens.com

application crash file files +6

SSA-953710 V1.0: Vulnerabilities in the Network Communication Stack in Desigo Fire Safety UL and Cerberus … 1 week ago | cert-portal.siemens.com

access attacker buffer buffer overflow +17

SSA-916916 V1.0: Security Vulnerabilities Fixed in RUGGEDCOM CROSSBOW V5.5 1 week ago | cert-portal.siemens.com

application arbitrary files attacker attacks +18

SSA-935500 V1.1 (Last Update: 2024-05-14): Denial of Service Vulnerability in FTP Server of Nucleus RTOS … 1 week ago | cert-portal.siemens.com

countermeasures fix fixes latest +6

SSA-962515 V1.0: Out of Bounds Read Vulnerability in Industrial Products 1 week ago | cert-portal.siemens.com

attacker blue bsod crash +13

SSA-661579 V1.0: Multiple File Parsing Vulnerabilities in Teamcenter Visualization and JT2Go 1 week ago | cert-portal.siemens.com

application crash file files +7

Sr. Product Manager

@ MixMode | Remote, US

View on infosec-jobs.com

Information Security Engineers

@ D. E. Shaw Research | New York City

View on infosec-jobs.com

Technology Security Analyst

@ Halton Region | Oakville, Ontario, Canada

View on infosec-jobs.com

Senior Cyber Security Analyst

@ Valley Water | San Jose, CA

View on infosec-jobs.com

Cybersecurity CASB Engineer - Corporate (Las Vegas)

@ Caesars Entertainment | United States

View on infosec-jobs.com

Cyber Security Engineer II (Boundary Protection,WAF, ZTNA,AWS)

@ FICO | Bengaluru, India

View on infosec-jobs.com

all InfoSec news

SSA-562051 V1.0: Cross-Site Scripting Vulnerability in Polarion ALM

More from cert-portal.siemens.com / Siemens ProductCERT Security Advisories

Jobs in InfoSec / Cybersecurity

Sr. Product Manager

Information Security Engineers

Technology Security Analyst

Senior Cyber Security Analyst

Cybersecurity CASB Engineer - Corporate (Las Vegas)

Cyber Security Engineer II (Boundary Protection,WAF, ZTNA,AWS)