VYPR

Polarion Subversion Webclient

by Siemens Foundation

CVEs (3)

  • CVE-2021-44478Mar 8, 2022
    risk 0.00cvss epss 0.01

    A vulnerability has been identified in Polarion ALM (All versions < V21 R2 P2), Polarion WebClient for SVN (All versions). A cross-site scripting is present due to improper neutralization of data sent to the web page through the SVN WebClient in the affected product. An attacker…

  • CVE-2020-15789Sep 9, 2020
    risk 0.00cvss epss 0.00

    A vulnerability has been identified in Polarion Subversion Webclient (All versions). The web interface could allow a Cross-Site Request Forgery (CSRF) attack if an unsuspecting user is tricked into accessing a malicious link. Successful exploitation requires user interaction by…

  • CVE-2020-15788Sep 9, 2020
    risk 0.00cvss epss 0.01

    A vulnerability has been identified in Polarion Subversion Webclient (All versions). The Polarion subversion web application does not filter user input in a way that prevents Cross-Site Scripting. If a user is enticed into passing specially crafted, malicious input to the web…