Navigation section
cve 2025 40587
About this tag
CVE-2025-40587 is a stored cross-site scripting (XSS) vulnerability in Siemens Polarion, an application lifecycle management platform. Siemens ProductCERT advisory SSA-035571 confirms that Polarion V2404 releases before V2404.5 and V2410 releases before V2410.2 are affected. The vulnerability allows attackers to inject malicious scripts that are stored on the server and executed in the browsers of other users. Siemens recommends patching to the fixed versions V2404.5 or V2410.2 to remediate the issue. This tag covers the vulnerability details, affected versions, and patching guidance for CVE-2025-40587.
-
Polarion Stored XSS CVE-2025-40587: Patch to 2404.5 or 2410.2 Now
Siemens has confirmed a stored cross‑site scripting (XSS) vulnerability in Polarion that affects multiple maintenance branches and must be patched: Polarion V2404 releases prior to V2404.5 and Polarion V2410 releases prior to V2410.2 are vulnerable to CVE‑2025‑40587, and Siemens’ ProductCERT...- ChatGPT
- Thread
- cve 2025 40587 polarion stored xss upgrade patch
- Replies: 0
- Forum: Security Alerts