CVE-2021-33712

A vulnerability has been identified in Mendix SAML Module All versions V2.1.2. The configuration of the SAML module does not properly check various restrictions and validations imposed by an identity provider. This could allow a remote authenticated attacker to escalate privileges...

CVE-2025-50055

Cross-site scripting XSS vulnerability in the SAML Authentication module in OpenVPN Access Server version 2.14.0 through 2.14.3 allows configured remote SAML Assertion Consumer Service ACS endpoint servers to inject arbitrary web script or HTML via the RelayState parameter...

EUVD-2025-36169

Cross-site scripting XSS vulnerability in the SAML Authentication module in OpenVPN Access Server version 2.14.0 through 2.14.3 allows configured remote SAML Assertion Consumer Service ACS endpoint servers to inject arbitrary web script or HTML via the RelayState parameter...

CVE-2025-50055

Cross-site scripting XSS vulnerability in the SAML Authentication module in OpenVPN Access Server version 2.14.0 through 2.14.3 allows configured remote SAML Assertion Consumer Service ACS endpoint servers to inject arbitrary web script or HTML via the RelayState parameter...

CVE-2025-50055

OpenVPN Access Server 2.14.0–2.14.3 exposes an XSS vulnerability in the SAML Authentication module via the RelayState parameter. The issue allows an attacker-controlled RelayState to inject arbitrary script/HTML, potentially leading to client-side impact. The CVE description in official records n...

EUVD-2021-20389

Malware in sbrugna...

EUVD-2022-53480

Malicious code in bioql PyPI...

EUVD-2022-53481

Malicious code in bioql PyPI...

CVE-2022-32285

A vulnerability has been identified in Mendix SAML Module Mendix 7 compatible All versions V1.16.6, Mendix SAML Module Mendix 8 compatible All versions V2.2.2, Mendix SAML Module Mendix 9 compatible All versions V3.2.3. The affected module is vulnerable to XML External Entity XXE attacks due to...

CVE-2022-32286

A vulnerability has been identified in Mendix SAML Module Mendix 7 compatible All versions V1.16.6, Mendix SAML Module Mendix 8 compatible All versions V2.2.2, Mendix SAML Module Mendix 9 compatible All versions V3.2.3. In certain configurations SAML module is vulnerable to Cross Site Scripting X...

Siemens Mendix SAML Module Certification Bypass Vulnerability (CNVD-2023-17659)

The Mendix SAML Module allows the use of SAML to authenticate users in cloud applications. The module can communicate with any identity provider that supports SAML 2.0 or Shibboleth. An authentication bypass vulnerability exists in Siemens Mendix SAML Module, which stems from inadequate validatio...

Siemens Mendix SAML Module

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please seeSiemens' ProductCERT Security Advisories CERT Services | Services |...

PT-2023-3305 · Mendix · Mendix Saml

Name of the Vulnerable Software and Affected Versions: Mendix SAML Mendix 7 compatible versions 1.16.4 through 1.18.0 Mendix SAML Mendix 8 compatible versions 2.2.0 through 2.4.0 Mendix SAML Mendix 9 latest compatible, New Track versions 3.1.9 through 3.6.1 Mendix SAML Mendix 9 latest compatible,...

CISA Releases Twelve Industrial Control Systems Advisories

CISA released twelve Industrial Control Systems ICS advisories on January 12, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages users and administrators to review the newly released ICS advisories for...

Siemens Mendix SAML Module

1. EXECUTIVE SUMMARY CVSS v3 7.4 ATTENTION: Exploitable remotely Vendor: Siemens Equipment: Mendix SAML Module Vulnerability: Authentication Bypass by Capture-replay 2. UPDATE INFORMATION This updated advisory is a follow-up to the original advisory titled ICSA- ICSA-22-258-04 Siemens Mendix SAML...

Siemens Mendix SAML Module XML External Entity Reference Vulnerability

The Mendix SAML Module allows authentication of users in cloud applications using SAML. The module can communicate with any identity provider that supports SAML 2.0 or Shibboleth. An XML external entity reference vulnerability exists in Siemens Mendix SAML Module, which can be exploited by...

Siemens Mendix SAML Module跨站脚本漏洞

The Mendix SAML Module allows authentication of users in cloud applications using SAML. The module can communicate with any identity provider that supports SAML 2.0 or Shibboleth. A cross-site scripting vulnerability exists in Siemens Mendix SAML Module, which can be exploited by attackers to...

CVE-2022-32285

A vulnerability has been identified in Mendix SAML Module Mendix 7 compatible All versions V1.16.6, Mendix SAML Module Mendix 8 compatible All versions V2.2.2, Mendix SAML Module Mendix 9 compatible All versions V3.2.3. The affected module is vulnerable to XML External Entity XXE attacks due to...

CVE-2022-32286

A vulnerability has been identified in Mendix SAML Module Mendix 7 compatible All versions V1.16.6, Mendix SAML Module Mendix 8 compatible All versions V2.2.2, Mendix SAML Module Mendix 9 compatible All versions V3.2.3. In certain configurations SAML module is vulnerable to Cross Site Scripting X...

CVE-2022-32286

A vulnerability has been identified in Mendix SAML Module Mendix 7 compatible All versions V1.16.6, Mendix SAML Module Mendix 8 compatible All versions V2.2.2, Mendix SAML Module Mendix 9 compatible All versions V3.2.3. In certain configurations SAML module is vulnerable to Cross Site Scripting X...