SSA-740594 PUBLISHED CVSS 8.3 HIGH

The latest update of the Mendix SAML module fixes two vulnerabilities. One is an XML External Entity (XXE) attack that could allow an attacker to potentially disclose confidential data under certain circumstances; the other is a Cross-Site Scripting (XSS) attack that allows an attacker to execute malicious code by tricking users into accessing a malicious link. Mendix has released an update for the Mendix SAML module and recommends updating to the latest version.

Risk Scores

CVSS v3.1
8.3
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L/E:P/RL:O/RC:C

Affected Products

Vendor  Product  Versions
Mendix SAML Module (Mendix 7 compatible)
Mendix SAML Module (Mendix 8 compatible)
Mendix SAML Module (Mendix 9 compatible)
