Vulnerabilities > CVE-2022-26313 - Unspecified vulnerability in Mendix Forgot Password 3.3.0/3.3.2/3.4.0
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL network
mendix
Summary
A vulnerability has been identified in Mendix Forgot Password Appstore module (All versions >= V3.3.0 < V3.5.1). In certain configurations of the affected product, a threat actor could use the sign up flow to hijack arbitrary user accounts.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 3 |