467 matches found
Cross site scripting
A vulnerability has been identified in Mendix SAML Mendix 8 compatible All versions = V2.3.0 = V3.3.0 = V3.3.0 V3.3.8. The affected module is vulnerable to reflected cross-site scripting XSS attacks. This could allow an attacker to extract sensitive information by tricking users into accessing a...
CVE-2022-46823
CVE-2022-46823 affects Siemens Mendix SAML (Mendix 8 compatible: 2.3.0–2.3.3; Mendix 9 compatible, New Track: 3.3.0–3.3.8; Mendix 9 compatible, Upgrade Track: 3.3.0–3.3.7). The vulnerability is reflected cross-site scripting (XSS), enabling an attacker to extract sensitive information by guiding ...
CVE-2022-46823
A vulnerability has been identified in Mendix SAML Mendix 8 compatible All versions = V2.3.0 = V3.3.0 = V3.3.0 V3.3.8. The affected module is vulnerable to reflected cross-site scripting XSS attacks. This could allow an attacker to extract sensitive information by tricking users into accessing a...
CVE-2022-46823
A vulnerability has been identified in Mendix SAML Mendix 8 compatible All versions = V2.3.0 = V3.3.0 = V3.3.0 V3.3.8. The affected module is vulnerable to reflected cross-site scripting XSS attacks. This could allow an attacker to extract sensitive information by tricking users into accessing a...
Siemens Mendix 跨站脚本漏洞
The Mendix SAML module uses SAML to authenticate users in cloud applications. The module can communicate with any identity provider that supports SAML 2.0 or Shibboleth. A cross-site scripting vulnerability exists in Siemens Mendix SAML Module, which can be exploited by attackers to extract...
Siemens Mendix SAML Module
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...
PT-2023-1146 · Mendix · Mendix Saml
Name of the Vulnerable Software and Affected Versions: Mendix SAML Mendix 8 compatible versions 2.3.0 through 2.3.3 Mendix SAML Mendix 9 compatible, New Track versions 3.3.0 through 3.3.8 Mendix SAML Mendix 9 compatible, Upgrade Track versions 3.3.0 through 3.3.7 Description: The affected module ...
Siemens Mendix Workflow Commons Module Improper Access Control Vulnerability
Siemens Mendix Workflow Commons Module provides out-of-the-box content to help you get started building workflows in Mendix.A security vulnerability exists in Siemens Mendix Workflow Commons Module due to a failure of the affected module version to properly handle access control for certain modul...
Siemens Mendix Email Connector Module Improper Access Control Vulnerability
Siemens Mendix Email Connector Module allows email to be sent and received on its own email server and adds new features such as sending signed and encrypted emails.A security vulnerability exists in Siemens Mendix Email Connector Module due to a version of the affected module that fails to...
CVE-2022-46664
A vulnerability has been identified in Mendix Workflow Commons All versions V2.4.0, Mendix Workflow Commons V2.1 All versions V2.1.4, Mendix Workflow Commons V2.3 All versions V2.3.2. Affected versions of the module improperly handle access control for some module entities. This could allow...
CVE-2022-46664
A vulnerability has been identified in Mendix Workflow Commons All versions V2.4.0, Mendix Workflow Commons V2.1 All versions V2.1.4, Mendix Workflow Commons V2.3 All versions V2.3.2. Affected versions of the module improperly handle access control for some module entities. This could allow...
CVE-2022-45936
A vulnerability has been identified in Mendix Email Connector All versions V2.0.0. Affected versions of the module improperly handle access control for some module entities. This could allow authenticated remote attackers to read and manipulate sensitive information...
CVE-2022-45936
A vulnerability has been identified in Mendix Email Connector All versions V2.0.0. Affected versions of the module improperly handle access control for some module entities. This could allow authenticated remote attackers to read and manipulate sensitive information...
Information disclosure
A vulnerability has been identified in Mendix Email Connector All versions V2.0.0. Affected versions of the module improperly handle access control for some module entities. This could allow authenticated remote attackers to read and manipulate sensitive information...
Information disclosure
A vulnerability has been identified in Mendix Workflow Commons All versions V2.4.0, Mendix Workflow Commons V2.1 All versions V2.1.4, Mendix Workflow Commons V2.3 All versions V2.3.2. Affected versions of the module improperly handle access control for some module entities. This could allow...
CVE-2022-46664
A vulnerability has been identified in Mendix Workflow Commons All versions V2.4.0, Mendix Workflow Commons V2.1 All versions V2.1.4, Mendix Workflow Commons V2.3 All versions V2.3.2. Affected versions of the module improperly handle access control for some module entities. This could allow...
PT-2022-27693 · Mendix · Mendix Email Connector
Name of the Vulnerable Software and Affected Versions: Mendix Email Connector versions prior to 2.0.0 Description: A vulnerability has been identified in the handling of access control for some module entities. This could allow authenticated remote attackers to read and manipulate sensitive...
CVE-2022-45936
The CVE-2022-45936 vulnerability affects Mendix Email Connector versions prior to 2.0.0. It is an improper access control issue in certain module entities, allowing an authenticated remote attacker to read and manipulate sensitive information. CVSS v3.1 base score is 8.1 (HIGH) with network attac...
PT-2022-27936 · Mendix · Mendix Workflow Commons
Name of the Vulnerable Software and Affected Versions: Mendix Workflow Commons versions prior to 2.4.0 Mendix Workflow Commons V2.1 versions prior to 2.1.4 Mendix Workflow Commons V2.3 versions prior to 2.3.2 Description: A vulnerability has been identified in the handling of access control for...
Siemens Mendix Email Connector 安全漏洞
Siemens Mendix Email Connector Module allows email to be sent and received on its own email server and adds new features such as sending signed and encrypted emails.A security vulnerability exists in Siemens Mendix Email Connector Module due to a version of the affected module that fails to...