Vulnerabilities > CVE-2022-26313 - Unspecified vulnerability in Mendix Forgot Password 3.3.0/3.3.2/3.4.0
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
HIGH Summary
A vulnerability has been identified in Mendix Forgot Password Appstore module (All versions >= V3.3.0 < V3.5.1). In certain configurations of the affected product, a threat actor could use the sign up flow to hijack arbitrary user accounts.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 3 |