Vulnerabilities > Mendix > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-05-12 | CVE-2021-31339 | Unspecified vulnerability in Mendix Excel Importer A vulnerability has been identified in Mendix Excel Importer Module (All versions < V9.0.3). | 4.3 |
| 2021-05-12 | CVE-2021-31341 | Unspecified vulnerability in Mendix Database Replication Uploading a table mapping using a manipulated XML file results in an exception that could expose information about the application-server and the used XML-framework on the Mendix Database Replication Module (All versions prior to v7.0.1). | 4.3 |
| 2021-01-06 | CVE-2020-8160 | Cross-site Scripting vulnerability in Mendix Mendixsso 2.0.0/2.1.0/2.1.1 MendixSSO <= 2.1.1 contains endpoints that make use of the openid handler, which is suffering from a Cross-Site Scripting vulnerability via the URL path. | 6.1 |
| 2019-09-10 | CVE-2019-12996 | Server-Side Request Forgery (SSRF) vulnerability in Mendix In Mendix 7.23.5 and earlier, issue in XML import mappings allow DOCTYPE declarations in the XML input that is potentially unsafe. | 5.3 |