Risk Scores
CVSS v3.1
7.599999904632568
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Siemens | Polarion V2404 | |
| Siemens | Polarion V2410 |
Timeline
- Feb 10, 2026 CVE Published
The affected application allows arbitrary JavaScript code be included in document titles. This could allow an authenticated remote attacker to conduct a stored cross-site scripting attack by creating specially crafted document titles that are later viewed by other users of the application.
| Vendor | Product | Versions |
|---|---|---|
| Siemens | Polarion V2404 | |
| Siemens | Polarion V2410 |