QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2022-32286

Back to search

CVE-2022-32286

Published: Jun 14, 2022

Modified: Aug 3, 2024

PUBLISHED

Description

A vulnerability has been identified in Mendix SAML Module (Mendix 7 compatible) (All versions < V1.16.6), Mendix SAML Module (Mendix 8 compatible) (All versions < V2.2.2), Mendix SAML Module (Mendix 9 compatible) (All versions < V3.2.3). In certain configurations SAML module is vulnerable to Cross Site Scripting (XSS) attacks due to insufficient error message sanitation. This could allow an attacker to execute malicious code by tricking users into accessing a malicious link.

VendorProductVersions

Siemens

Mendix SAML Module (Mendix 7 compatible)

affected
All versions < V1.16.6

Siemens

Mendix SAML Module (Mendix 8 compatible)

affected
All versions < V2.2.2

Siemens

Mendix SAML Module (Mendix 9 compatible)

affected
All versions < V3.2.3

Weaknesses (CWE)

CWE-79

References

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now