Vulnerabilities > Mendix > Medium

| DATE | CVE | VULNERABILITY TITLE | RISK |
| --- | --- | --- | --- |
| 2023-10-10 | CVE-2023-43623 | Information Exposure Through Discrepancy vulnerability in Mendix Forgot Password. A vulnerability has been identified in Mendix Forgot Password (Mendix 10 compatible) (All versions < V5.4.0), Mendix Forgot Password (Mendix 7 compatible) (All versions < V3.7.3), Mendix Forgot Password (Mendix 8 compatible) (All versions < V4.1.3), Mendix Forgot Password (Mendix 9 compatible) (All versions < V5.4.0). (network; low complexity; mendix; CWE-203) | 5.3 |
| 2023-01-10 | CVE-2022-46823 | Cross-site Scripting vulnerability in Mendix Saml 2.3.0/3.3.0/3.3.1. A vulnerability has been identified in Mendix SAML (Mendix 8 compatible) (All versions >= V2.3.0 < V2.3.4), Mendix SAML (Mendix 9 compatible, New Track) (All versions >= V3.3.0 < V3.3.9), Mendix SAML (Mendix 9 compatible, Upgrade Track) (All versions >= V3.3.0 < V3.3.8). (network; low complexity; mendix; CWE-79) | 6.1 |
| 2022-07-12 | CVE-2022-34466 | Expression Language Injection vulnerability in Mendix. A vulnerability has been identified in Mendix Applications using Mendix 9 (All versions >= V9.11 < V9.15), Mendix Applications using Mendix 9 (V9.12) (All versions < V9.12.3). (network; low complexity; mendix; CWE-917) | 6.5 |
| 2022-07-12 | CVE-2022-34467 | XML Entity Expansion vulnerability in Mendix Excel Importer. A vulnerability has been identified in Mendix Excel Importer Module (Mendix 8 compatible) (All versions < V9.2.2), Mendix Excel Importer Module (Mendix 9 compatible) (All versions < V10.1.2). (network; low complexity; mendix; CWE-776) | 4.0 |
| 2022-06-14 | CVE-2022-32285 | XXE vulnerability in Mendix Saml. A vulnerability has been identified in Mendix SAML Module (Mendix 7 compatible) (All versions < V1.16.6), Mendix SAML Module (Mendix 8 compatible) (All versions < V2.2.2), Mendix SAML Module (Mendix 9 compatible) (All versions < V3.2.3). (network; mendix; CWE-611) | 4.3 |
| 2022-06-14 | CVE-2022-32286 | Cross-site Scripting vulnerability in Mendix Saml. A vulnerability has been identified in Mendix SAML Module (Mendix 7 compatible) (All versions < V1.16.6), Mendix SAML Module (Mendix 8 compatible) (All versions < V2.2.2), Mendix SAML Module (Mendix 9 compatible) (All versions < V3.2.3). (network; mendix; CWE-79) | 4.3 |
| 2022-04-12 | CVE-2022-25650 | Unspecified vulnerability in Mendix. A vulnerability has been identified in Mendix Applications using Mendix 7 (All versions < V7.23.27), Mendix Applications using Mendix 8 (All versions < V8.18.14), Mendix Applications using Mendix 9 (All versions < V9.12.0), Mendix Applications using Mendix 9 (V9.6) (All versions < V9.6.3). (network; low complexity; mendix) | 6.5 |
| 2022-04-12 | CVE-2022-27241 | Information Exposure vulnerability in Mendix. A vulnerability has been identified in Mendix Applications using Mendix 7 (All versions < V7.23.31), Mendix Applications using Mendix 8 (All versions < V8.18.18), Mendix Applications using Mendix 9 (All versions < V9.11), Mendix Applications using Mendix 9 (V9.6) (All versions < V9.6.12). (network; low complexity; mendix; CWE-200) | 5.0 |
| 2022-03-08 | CVE-2022-26313 | Unspecified vulnerability in Mendix Forgot Password 3.3.0/3.3.2/3.4.0. A vulnerability has been identified in Mendix Forgot Password Appstore module (All versions >= V3.3.0 < V3.5.1). (network; mendix) | 6.8 |
| 2022-03-08 | CVE-2022-26317 | Use of Insufficiently Random Values vulnerability in Mendix. A vulnerability has been identified in Mendix Applications using Mendix 7 (All versions < V7.23.29). (network; low complexity; mendix; CWE-330) | 6.5 |