CVE-2022-32286

🗓️ 14 Jun 2022 09:22:20Reported by siemensType

Vulnerability in Mendix SAML Module allows XSS attack

Reporter	Title	Published	Views	Family All 11
ATTACKERKB	CVE-2022-32286	14 Jun 202210:15	–	attackerkb
Circl	CVE-2022-32286	14 Jun 202214:19	–	circl
CNNVD	Siemens Mendix SAML Module 跨站脚本漏洞	14 Jun 202200:00	–	cnnvd
CNVD	Siemens Mendix SAML Module跨站脚本漏洞	15 Jun 202200:00	–	cnvd
CVE	CVE-2022-32286	14 Jun 202209:22	–	cve
EUVD	EUVD-2022-53481	3 Oct 202520:07	–	euvd
ICS	Siemens Mendix SAML Module	14 Jun 202200:00	–	ics
NVD	CVE-2022-32286	14 Jun 202210:15	–	nvd
OSV	CVE-2022-32286	14 Jun 202210:15	–	osv
Prion	Cross site scripting	14 Jun 202210:15	–	prion

[
  {
    "product": "Mendix SAML Module (Mendix 7 compatible)",
    "vendor": "Siemens",
    "versions": [
      {
        "status": "affected",
        "version": "All versions < V1.16.6"
      }
    ]
  },
  {
    "product": "Mendix SAML Module (Mendix 8 compatible)",
    "vendor": "Siemens",
    "versions": [
      {
        "status": "affected",
        "version": "All versions < V2.2.2"
      }
    ]
  },
  {
    "product": "Mendix SAML Module (Mendix 9 compatible)",
    "vendor": "Siemens",
    "versions": [
      {
        "status": "affected",
        "version": "All versions < V3.2.3"
      }
    ]
  }
]

Source	Link
cert-portal	www.cert-portal.siemens.com/productcert/pdf/ssa-740594.pdf

14 Jun 2022 09:22Current

6.1Medium risk

Vulners AI Score6.1

EPSS0.0024

CWE-79