Vulnetix
Try Vulnetix Request Demo
CVE-2022-32286 PUBLISHED CVSS 4.300000190734863 MEDIUM

A vulnerability has been identified in Mendix SAML Module (Mendix 7 compatible) (All versions < V1.16.6), Mendix SAML Module (Mendix 8 compatible) (All versions < V2.2.2), Mendix SAML Module (Mendix 9 compatible) (All versions < V3.2.3). In certain configurations SAML module is vulnerable to Cross Site Scripting (XSS) attacks due to insufficient error message sanitation. This could allow an attacker to execute malicious code by tricking users into accessing a malicious link.

EPSS 0.24% · 47.1th percentile

Risk Scores

CVSS v2.0
4.300000190734863
EPSS Score
0.24%
47.1th percentile

Affected Products

VendorProductVersions
SiemensMendix SAML Module (Mendix 9 compatible)All versions < V3.2.3
mendixsaml0, 2.0.0, 3.0.0
SiemensMendix SAML Module (Mendix 8 compatible)All versions < V2.2.2
SiemensMendix SAML Module (Mendix 7 compatible)All versions < V1.16.6

Timeline

References

Open in Interactive Console →