RSS   Podatności dla 'SAML'   RSS

2022-06-14
 
CVE-2022-32285

CWE-611
 

 
A vulnerability has been identified in Mendix SAML Module (Mendix 7 compatible) (All versions < V1.16.6), Mendix SAML Module (Mendix 8 compatible) (All versions < V2.2.2), Mendix SAML Module (Mendix 9 compatible) (All versions < V3.2.3). The affected module is vulnerable to XML External Entity (XXE) attacks due to insufficient input sanitation. This may allow an attacker to disclose confidential data under certain circumstances.

 
2021-06-08
 
CVE-2021-33712

CWE-345
 

 
A vulnerability has been identified in Mendix SAML Module (All versions < V2.1.2). The configuration of the SAML module does not properly check various restrictions and validations imposed by an identity provider. This could allow a remote authenticated attacker to escalate privileges.

 

 >>> Vendor: Mendix 6 Produkty
SAML
Mendix
Mendixsso
Forgot password
Database replication
Excel importer


Copyright 2024, cxsecurity.com

 

Back to Top