Default credentials
A vulnerability has been identified in Mendix Applications using Mendix 7 All versions < V7.23.31, Mendix Applications using Mendix 8 All versions < V8.18.18, Mendix Applications using Mendix 9 All versions < V9.14.0, Mendix Applications using Mendix 9 V9.12 All versions < V9.12.2, Mendix Applications...
Code injection
A vulnerability has been identified in Mendix Applications using Mendix 9 All versions >= V9.11 < V9.15, Mendix Applications using Mendix 9 V9.12 All versions < V9.12.3. An expression injection vulnerability was discovered in the Workflow subsystem of Mendix Runtime, that can affect the running...
CVE-2022-34467
CVE-2022-34467 affects Siemens Mendix Excel Importer Module. The vulnerability is an XML Entity Expansion Injection in the Mendix Excel Importer Module (Mendix 8 compatible: all versions < v9.2.2; Mendix 9 compatible: all versions
CVE-2022-34467
A vulnerability has been identified in Mendix Excel Importer Module Mendix 8 compatible All versions < V9.2.2, Mendix Excel Importer Module Mendix 9 compatible All versions < V10.1.2. The affected component is vulnerable to XML Entity Expansion Injection. An attacker may use this to compromise the...
CVE-2022-34466
CVE-2022-34466: A Mendix expression-injection vulnerability in the Workflow subsystem of Mendix Runtime affects Mendix 9 deployments. Affected are Mendix 9 versions 9.11–9.15 and 9.12 before 9.12.3. The issue could allow a malicious user to leak sensitive information in certain configurations. Re...
CVE-2022-34466
A vulnerability has been identified in Mendix Applications using Mendix 9 All versions >= V9.11 < V9.15, Mendix Applications using Mendix 9 V9.12 All versions < V9.12.3. An expression injection vulnerability was discovered in the Workflow subsystem of Mendix Runtime, that can affect the running...
CVE-2022-31257
A vulnerability has been identified in Mendix Applications using Mendix 7 All versions < V7.23.31, Mendix Applications using Mendix 8 All versions < V8.18.18, Mendix Applications using Mendix 9 All versions < V9.14.0, Mendix Applications using Mendix 9 V9.12 All versions < V9.12.2, Mendix Applications...
CVE-2022-31257
The CVE-2022-31257 issue affects Mendix-based applications: Mendix 7 (before 7.23.31), Mendix 8 (before 8.18.18), and Mendix 9 (before 9.14.0, including 9.12 before 9.12.2 and 9.6 before 9.6.12). The root cause is an improper access control that allows bypassing password validations when an activ...
Siemens Mendix Applications using Mendix 7 and Siemens Mendix Applications using Mendix 9 Security Vulnerability
Mendix is a high-productivity application platform that enables mobile and web applications to be built and continuously improved at scale. Siemens Mendix is vulnerable to an access control error that could be exploited by an attacker to set weak passwords...
Siemens Mendix Excel Importer
1. EXECUTIVE SUMMARY CVSS v3 6.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: Mendix Excel Importer Module Vulnerability: XML Entity Expansion 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to compromise the...
Siemens Mendix Applications using Mendix 9 Injection Vulnerability
Mendix is a high-productivity application platform that enables the building and continuous improvement of mobile and web applications at scale. Siemens Mendix is vulnerable to an expression injection vulnerability that could be exploited by an attacker to compromise sensitive information in a...
Siemens Mendix Excel Importer Module Security Vulnerability
The Mendix Excel Importer Module can import Excel data tables into Mendix applications. An XML entity expansion injection vulnerability exists in the Siemens Mendix Excel Importer Module, which can be exploited by an attacker to compromise the availability of affected components...
PT-2022-22172 · Mendix · Mendix
Name of the Vulnerable Software and Affected Versions: Mendix Applications using Mendix 9 versions 9.11 through 9.14 Mendix Applications using Mendix 9 version 9.12 versions prior to 9.12.3 Description: An expression injection vulnerability was discovered in the Workflow subsystem of Mendix...
PT-2022-20644 · Mendix · Mendix
Name of the Vulnerable Software and Affected Versions: Mendix Applications using Mendix 7 versions prior to 7.23.31 Mendix Applications using Mendix 8 versions prior to 8.18.18 Mendix Applications using Mendix 9 versions prior to 9.14.0 Mendix Applications using Mendix 9 V9.12 versions prior to...
Siemens Mendix
1. EXECUTIVE SUMMARY CVSS v3 4.9 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: Mendix Vulnerability: Improper Access Control 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to change the user’s password bypassing password...
Siemens Mendix Applications
1. EXECUTIVE SUMMARY CVSS v3 6.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: Mendix Applications Vulnerability: Injection 2. RISK EVALUATION Successful exploitation of this vulnerability could allow a malicious user to leak sensitive information if the...
Siemens Mendix SAML Module XML External Entity Reference Vulnerability
The Mendix SAML Module allows authentication of users in cloud applications using SAML. The module can communicate with any identity provider that supports SAML 2.0 or Shibboleth. An XML external entity reference vulnerability exists in Siemens Mendix SAML Module, which can be exploited by...
Siemens Mendix SAML Module Cross-Site Scripting Vulnerability
The Mendix SAML Module allows authentication of users in cloud applications using SAML. The module can communicate with any identity provider that supports SAML 2.0 or Shibboleth. A cross-site scripting vulnerability exists in Siemens Mendix SAML Module, which can be exploited by attackers to...
CVE-2022-32285
A vulnerability has been identified in Mendix SAML Module Mendix 7 compatible All versions < V1.16.6, Mendix SAML Module Mendix 8 compatible All versions < V2.2.2, Mendix SAML Module Mendix 9 compatible All versions < V3.2.3. The affected module is vulnerable to XML External Entity (XXE) attacks due to...
CVE-2022-32286
A vulnerability has been identified in Mendix SAML Module Mendix 7 compatible All versions < V1.16.6, Mendix SAML Module Mendix 8 compatible All versions < V2.2.2, Mendix SAML Module Mendix 9 compatible All versions < V3.2.3. In certain configurations SAML module is vulnerable to Cross Site Scripting X...