484 matches found
CVE-2022-34466
A vulnerability has been identified in Mendix Applications using Mendix 9 All versions = V9.11 V9.15, Mendix Applications using Mendix 9 V9.12 All versions V9.12.3. An expression injection vulnerability was discovered in the Workflow subsystem of Mendix Runtime, that can affect the running...
CVE-2022-34466
CVE-2022-34466: A Mendix expression-injection vulnerability in the Workflow subsystem of Mendix Runtime affects Mendix 9 deployments. Affected are Mendix 9 versions 9.11–9.15 and 9.12 before 9.12.3. The issue could allow a malicious user to leak sensitive information in certain configurations. Re...
CVE-2022-31257
A vulnerability has been identified in Mendix Applications using Mendix 7 All versions V7.23.31, Mendix Applications using Mendix 8 All versions V8.18.18, Mendix Applications using Mendix 9 All versions V9.14.0, Mendix Applications using Mendix 9 V9.12 All versions V9.12.2, Mendix Applications...
CVE-2022-31257
The CVE-2022-31257 issue affects Mendix-based applications: Mendix 7 (before 7.23.31), Mendix 8 (before 8.18.18), and Mendix 9 (before 9.14.0, including 9.12 before 9.12.2 and 9.6 before 9.6.12). The root cause is an improper access control that allows bypassing password validations when an activ...
Siemens Mendix Applications using Mendix 9 注入漏洞
Mendix is a high-productivity application platform that enables the building and continuous improvement of mobile and web applications at scale.Siemens Mendix is vulnerable to an expression injection vulnerability that could be exploited by an attacker to compromise sensitive information in a...
PT-2022-20644 · Mendix · Mendix
Name of the Vulnerable Software and Affected Versions: Mendix Applications using Mendix 7 versions prior to 7.23.31 Mendix Applications using Mendix 8 versions prior to 8.18.18 Mendix Applications using Mendix 9 versions prior to 9.14.0 Mendix Applications using Mendix 9 V9.12 versions prior to...
PT-2022-22172 · Mendix · Mendix
Name of the Vulnerable Software and Affected Versions: Mendix Applications using Mendix 9 versions 9.11 through 9.14 Mendix Applications using Mendix 9 version 9.12 versions prior to 9.12.3 Description: An expression injection vulnerability was discovered in the Workflow subsystem of Mendix...
Siemens Mendix Applications using Mendix 7和Siemens Mendix Applications using Mendix 9 安全漏洞
Mendix is a high-productivity application platform that enables mobile and web applications to be built and continuously improved at scale. Siemens Mendix is vulnerable to an access control error that could be exploited by an attacker to set weak passwords...
Siemens Mendix Excel Importer Module 安全漏洞
The Mendix Excel Importer Module can import Excel data tables into Mendix applications. an XML entity extension injection vulnerability exists in the Siemens Mendix Excel Importer Module, which can be exploited by an attacker to compromise the availability of affected components...
Siemens Mendix Excel Importer
1. EXECUTIVE SUMMARY CVSS v3 6.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: Mendix Excel Importer Module Vulnerability: XML Entity Expansion 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to compromise the...
Siemens Mendix
1. EXECUTIVE SUMMARY CVSS v3 4.9 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: Mendix Vulnerability: Improper Access Control 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to change the user’s password bypassing password...
Siemens Mendix Applications
1. EXECUTIVE SUMMARY CVSS v3 6.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: Mendix Applications Vulnerability: Injection 2. RISK EVALUATION Successful exploitation of this vulnerability could allow a malicious user to leak sensitive information if the...
Siemens Mendix SAML Module跨站脚本漏洞
The Mendix SAML Module allows authentication of users in cloud applications using SAML. The module can communicate with any identity provider that supports SAML 2.0 or Shibboleth. A cross-site scripting vulnerability exists in Siemens Mendix SAML Module, which can be exploited by attackers to...
Siemens Mendix SAML Module XML External Entity Reference Vulnerability
The Mendix SAML Module allows authentication of users in cloud applications using SAML. The module can communicate with any identity provider that supports SAML 2.0 or Shibboleth. An XML external entity reference vulnerability exists in Siemens Mendix SAML Module, which can be exploited by...
CVE-2022-32286
A vulnerability has been identified in Mendix SAML Module Mendix 7 compatible All versions V1.16.6, Mendix SAML Module Mendix 8 compatible All versions V2.2.2, Mendix SAML Module Mendix 9 compatible All versions V3.2.3. In certain configurations SAML module is vulnerable to Cross Site Scripting X...
CVE-2022-32286
A vulnerability has been identified in Mendix SAML Module Mendix 7 compatible All versions V1.16.6, Mendix SAML Module Mendix 8 compatible All versions V2.2.2, Mendix SAML Module Mendix 9 compatible All versions V3.2.3. In certain configurations SAML module is vulnerable to Cross Site Scripting X...
CVE-2022-32285
A vulnerability has been identified in Mendix SAML Module Mendix 7 compatible All versions V1.16.6, Mendix SAML Module Mendix 8 compatible All versions V2.2.2, Mendix SAML Module Mendix 9 compatible All versions V3.2.3. The affected module is vulnerable to XML External Entity XXE attacks due to...
CVE-2022-32285
A vulnerability has been identified in Mendix SAML Module Mendix 7 compatible All versions V1.16.6, Mendix SAML Module Mendix 8 compatible All versions V2.2.2, Mendix SAML Module Mendix 9 compatible All versions V3.2.3. The affected module is vulnerable to XML External Entity XXE attacks due to...
CVE-2022-32286
A vulnerability has been identified in Mendix SAML Module Mendix 7 compatible All versions V1.16.6, Mendix SAML Module Mendix 8 compatible All versions V2.2.2, Mendix SAML Module Mendix 9 compatible All versions V3.2.3. In certain configurations SAML module is vulnerable to Cross Site Scripting X...
CVE-2022-32285
A vulnerability has been identified in Mendix SAML Module Mendix 7 compatible All versions V1.16.6, Mendix SAML Module Mendix 8 compatible All versions V2.2.2, Mendix SAML Module Mendix 9 compatible All versions V3.2.3. The affected module is vulnerable to XML External Entity XXE attacks due to...