2 matches found
CVE-2022-26313
A vulnerability has been identified in Mendix Forgot Password Appstore module All versions = V3.3.0 V3.5.1. In certain configurations of the affected product, a threat actor could use the sign up flow to hijack arbitrary user accounts...
CVE-2022-26313
The CVE-2022-26313 entry concerns the Mendix Forgot Password Appstore module, affected in all versions 3.3.0 through 3.5.1. Multiple sources (Red Hat CVE, ICSA, CNVD, CNNVD, etc.) describe an Improper Access Control flaw in which a threat actor could hijack arbitrary user accounts via the sign-up...