CVE-2022-32286

🗓️ 14 Jun 2022 09:22:20Reported by siemensType

cve🔗 web.nvd.nist.gov📰️ 2 Media mentions👁 49 Views

Vulnerability in Mendix SAML Module for Mendix 7, 8, and 9 allows XSS attacks

Reporter	Title	Published	Views	Family All 11
ATTACKERKB	CVE-2022-32286	14 Jun 202210:15	–	attackerkb
Circl	CVE-2022-32286	14 Jun 202214:19	–	circl
CNNVD	Siemens Mendix SAML Module 跨站脚本漏洞	14 Jun 202200:00	–	cnnvd
CNVD	Siemens Mendix SAML Module跨站脚本漏洞	15 Jun 202200:00	–	cnvd
Cvelist	CVE-2022-32286	14 Jun 202209:22	–	cvelist
EUVD	EUVD-2022-53481	3 Oct 202520:07	–	euvd
ICS	Siemens Mendix SAML Module	14 Jun 202200:00	–	ics
NVD	CVE-2022-32286	14 Jun 202210:15	–	nvd
OSV	CVE-2022-32286	14 Jun 202210:15	–	osv
Prion	Cross site scripting	14 Jun 202210:15	–	prion

NVD

Node

mendix samlRange<1.16.6

mendix samlRange2.0.0–2.2.2

mendix samlRange3.0.0–3.2.3

[
  {
    "product": "Mendix SAML Module (Mendix 7 compatible)",
    "vendor": "Siemens",
    "versions": [
      {
        "status": "affected",
        "version": "All versions < V1.16.6"
      }
    ]
  },
  {
    "product": "Mendix SAML Module (Mendix 8 compatible)",
    "vendor": "Siemens",
    "versions": [
      {
        "status": "affected",
        "version": "All versions < V2.2.2"
      }
    ]
  },
  {
    "product": "Mendix SAML Module (Mendix 9 compatible)",
    "vendor": "Siemens",
    "versions": [
      {
        "status": "affected",
        "version": "All versions < V3.2.3"
      }
    ]
  }
]

Source	Link
cert-portal	www.cert-portal.siemens.com/productcert/pdf/ssa-740594.pdf

21 Nov 2024 07:06Current

5.9Medium risk

Vulners AI Score5.9

CVSS 24.3

CVSS 3.16.1

EPSS0.0024

CWE-79