8 matches found
CVE-2025-40834
A vulnerability has been identified in Mendix RichText All versions = V4.0.0 V4.6.1. Affected widget does not properly neutralize the input. This could allow an attacker to execute cross-site scripting attacks...
CVE-2025-40834
A vulnerability has been identified in Mendix RichText All versions = V4.0.0 V4.6.1. Affected widget does not properly neutralize the input. This could allow an attacker to execute cross-site scripting attacks...
CVE-2025-40834
A vulnerability has been identified in Mendix RichText All versions = V4.0.0 V4.6.1. Affected widget does not properly neutralize the input. This could allow an attacker to execute cross-site scripting attacks...
EUVD-2025-197785
A vulnerability has been identified in Mendix RichText All versions = V4.0.0 V4.6.1. Affected widget does not properly neutralize the input. This could allow an attacker to execute cross-site scripting attacks...
CVE-2025-40834
A vulnerability has been identified in Mendix RichText All versions = V4.0.0 V4.6.1. Affected widget does not properly neutralize the input. This could allow an attacker to execute cross-site scripting attacks...
CVE-2025-40834
CVE-2025-40834 affects the Mendix RichText widget. All versions from 4.0.0 up to 4.6.0 are vulnerable because the widget does not properly neutralize user input, enabling cross-site scripting (XSS). The issue is rooted in insufficient input filtering/escaping within the RichText component. Impact...
PT-2025-47141
Name of the Vulnerable Software and Affected Versions Mendix RichText versions 4.0.0 through 4.6.0 Description The Mendix RichText widget does not properly neutralize input, which could allow an attacker to execute cross-site scripting attacks. Recommendations Update to version 4.6.1 or later...
Siemens Mendix RichText 跨站脚本漏洞
The Mendix Rich Text component is a powerful rich text editor. Create richly formatted text with HTML output. A cross-site scripting vulnerability exists in the Siemens Mendix RichText component, version V4.0.0 through versions prior to V4.6.1, which can be exploited to implant cross-site scripti...